التحقیق الجنائي الرقمي

1. ‫اﻟﺮﻗﻤﻲ‬ ‫اﻟﺠﻨﺎﺋﻲ‬ ‫اﻟﺘﺤﻘﯿﻖ‬
:‫اﻟرﻗﻣﯾﺔ‬ ‫اﻷدﻟﺔ‬ ‫ﻣﻊ‬ ‫اﻟﺗﻌﺎﻣل‬
‫ﻓﺿل‬ ‫ﻋﺑداﻟﻣﺎﺟد‬

2. ‫اﻟﺮﻗﻤﻲ‬ ‫اﻟﺠﻨﺎﺋﻲ‬ ‫اﻟﺘﺤﻘﯿﻖ‬ ‫ھﻮ‬ ‫ﻣﺎ‬ ‫او‬ ‫آﻟﻲ‬ ‫ﺣﺎﺳب‬ ‫ﺟﮭﺎز‬ ‫ﻷي‬ ‫واﻟﺗدﻗﯾق‬ ‫اﻟﻔﺣص‬ ‫ﻋﻣﻠﯾﺔ‬
‫اﺳﺗﻌﻣﺎﻟﮫ‬ ‫ﺗم‬ ‫ﻗد‬ ‫ﻛﺎن‬ ‫إذا‬ ‫ﻟﺗﺣدﯾد‬ ‫ﻣﻠﺣﻘﺎﺗﮭم‬ ‫و‬ ‫ﻣﺣﻣول‬
‫ﻣﺷروع‬ ‫ﻏﯾر‬ ‫ﻋﻣل‬ ‫او‬ ‫اﻟﻛﺗروﻧﯾﺔ‬ ‫ﺟرﯾﻣﺔ‬ ‫ﻓﻲ‬

3. :‫ﻧﻮﻋﺎن‬ ‫اﻟﺒﯿﺎﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫اﻟﺤﺼﻮل‬ .1
(‫اﻟﺣﯾﺔ)ﻣؤﻗﺗﺔ‬ ‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫اﻟﺣﺻول‬
.2
(‫ﻣؤﻗﺗﺔ‬ ‫اﻟﺛﺎﺑﺗﺔ)ﻏﯾر‬ ‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫اﻟﺣﺻول‬

4. ‫اﻟﺤﯿﺔ‬ ‫اﻟﺒﯿﺎﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫اﻟﺤﺼﻮل‬
:‫ﻧﻮﻋﺎن‬
.1
‫اﻷﻧظﻣﺔ‬ ‫ﻋﻠﻰ‬ ‫ﺑﯾﺎﻧﺎت‬
.2
‫اﻟﺷﺑﻛﺔ‬ ‫ﻋن‬ ‫ﺑﯾﺎﻧﺎت‬

5. :‫اﻟﻤﺘﻘﻠﺒﺔ‬ ‫اﻟﺒﯿﺎﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫أﻣﺜﻠﺔ‬ .1
‫وﺳﺟﻼت‬ ‫ﻣؤﻗت‬ ‫ﺗﺧزﯾن‬
.2
‫اﻟﻌﻣﻠﯾﺎت‬ ‫ﺟدول‬ ‫و‬ ‫اﻟﺗوﺟﯾﮫ‬ ‫ﺟدول‬
.3
‫ﺑﻌد‬ ‫ﻋن‬ ‫اﻟدﺧول‬ ‫ﻣﻌﻠوﻣﺎت‬
.4
‫واﻹﻋدادات‬ ‫اﻟﺷﺑﻛﺔ‬ ‫ﺗرﻛﯾب‬ ‫ﺷﻛل‬
.5
‫اﻷرﺷﯾف‬ ‫ﻓﻲ‬ ‫اﻟﻣﺣﻔوظﺔ‬ ‫اﻟﻣﻌﻠوﻣﺎت‬

6. ‫اﻟﺒﯿﺎﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫اﻟﺤﺼﻮل‬ ‫ﺧﻄﻮات‬
:‫اﻟﻤﺆﻗﺘﺔ‬
.1
‫ﻟﻠﺣوادث‬ ‫اﻻﺳﺗﺟﺎﺑﺔ‬ ‫ﻋﻣﻠﯾﺔ‬ ‫ﺗﺟﮭﯾز‬
.a
‫اﻻﺳﺗﺟﺎﺑﺔ‬ ‫أدوات‬
.b
‫اﻻﺳﺗﺟﺎﺑﺔ‬ ‫ﻓرﯾق‬
.2
‫اﻻﺳﺗﺟﺎﺑﺔ‬ ‫ﻋﻣﻠﯾﺔ‬ ‫ﺗوﺛﯾق‬
.a
‫ﻟﻠﻘراءه‬ ‫ﻗﺎﺑﻠﮫ‬ ‫ﺗﻛون‬ ‫ان‬ ‫اﻟﺳﺟﻼت‬ ‫ﺟﻣﯾﻊ‬ ‫ﻣن‬ ‫اﻟﺗﺄﻛد‬
.b
‫اﻻﺳﺗﺟﺎﺑﺔ‬ ‫ﻋﻣﻠﯾﺔ‬ ‫أﺛﻧﺎء‬ ‫ﺣدﺛت‬ ‫اﻟﺗﻲ‬ ‫اﻟﻌﻣﻠﯾﺎت‬ ‫ﺟﻣﯾﻊ‬ ‫ﺗوﺛﯾق‬
.c
‫ﺗﺣدﯾد‬ ‫و‬ ‫ﺧطواﺗﮭﺎ‬ ‫و‬ ‫اﻷول‬ ‫اﻟﻣﺳﺗﺟﯾب‬ ‫أدوات‬ ‫اﺳﺗﻌﻣﺎل‬
‫ﻟﻠﺣﺎدﺛﺔ‬ ‫اﻟﻣﻧﺎﺳﺑﺔ‬ ‫اﻷدوات‬
.3
‫اﻟﻣوﺟودة‬ ‫اﻟﺳﯾﺎﺳﺎت‬ ‫ﻣن‬ ‫اﻟﺗﺄﻛد‬
.a
‫اﻟﺷﺑﻛﺔ‬ ‫و‬ ‫اﻷﻧظﻣﺔ‬ ‫ﺳﯾﺎﺳﺎت‬ ‫ﻣن‬ ‫أي‬ ‫ﺧرق‬ ‫ﻋدم‬
.b
‫اﻟﻣﺳﺗﺧدم‬ ‫ﺣﻘوق‬ ‫ﺳﯾﺎﺳﺎت‬ ‫ﺧرق‬ ‫ﻋدم‬

7. ‫اﻟﺒﯿﺎﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫اﻟﺤﺼﻮل‬ ‫ﺧﻄﻮات‬
:‫اﻟﻤﺆﻗﺘﺔ‬
.4
‫اﻟﻣؤﻗﺗﺔ‬ ‫اﻟﺑﯾﺎﻧﺎت‬ ‫و‬ ‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﺟﻣﻊ‬ ‫اﺳﺗراﺗﯾﺟﯾﺔ‬
.a
‫و‬ ‫اﻟﻣﻘﺎﺑﻼت‬ ‫و‬ ‫اﻷول‬ ‫اﻟﻣﺳﺗﺟﯾب‬ ‫أدوات‬ ‫اﺳﺗﻌﻣﺎل‬ ‫ﻋﺑر‬
‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﺟﻣﻊ‬ ‫اﺳﺗراﺗﯾﺟﯾﺔ‬ ‫ﯾﺣدد‬ ‫اﻻﺳﺋﻠﺔ‬
.5
‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﺟﻣﻊ‬ ‫ﻋﻣﻠﯾﺔ‬ ‫ﺗﺟﮭﯾز‬
.a
shell ‫أواﻣر‬ ‫ﻣن‬ ‫ﻣوﺛوﻗﺔ‬ ‫أواﻣر‬ ‫ﺗﺣدﯾد‬
.b
‫اﻟﺑﯾﺎﻧﺎت‬ ‫و‬ ‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﻧﻘل‬ ‫طرﯾﻘﺔ‬ ‫ﺗﺣدﯾد‬
.c
‫اﻟﺗﺣﻘﯾق‬ ‫ادوات‬ ‫ﻧﺗﺎﺋﺞ‬ ‫وﻣﺻداﻗﯾﺔ‬ ‫ﻣوﺛوﻗﯾﺔ‬ ‫ﻣن‬ ‫اﻟﺗﺄﻛد‬
.6
‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﺟﻣﻊ‬ ‫ﻋﻣﻠﯾﺔ‬
.a
‫ﻛﺎن‬ ‫اذا‬ ‫ﺗﺷﻐﯾﻠﮫ‬ ‫ﻋدم‬ ‫و‬ ‫ﯾﻌﻣل‬ ‫ﻛﺎن‬ ‫اذا‬ ‫اﻟﺟﮭﺎز‬ ‫اﻏﻼق‬ ‫ﻋدم‬
‫ﻻﯾﻌﻣل‬

8. ‫ﯾﺘﺒﻊ‬ .b
‫اﻟﻣوﺟودة‬ ‫اﻟﺳﺟﻼت‬ ‫ﻛل‬ ‫ﺟﻣﻊ‬
.c
‫اﻟﺣﺎﻟﺔ‬ ‫ﻟﺗوﺛﯾق‬ ‫اﻟﺟﮭﺎز‬ ‫ﯾﻌﻣل‬ ‫ﻛﺎن‬ ‫اذا‬ ‫اﻟﺷﺎﺷﺔ‬ ‫ﺗﺻوﯾر‬
‫اﻟراھﻧﺔ‬
.d
‫ﺑﮫ‬ ‫اﻟﻣﺷﺗﺑﮫ‬ ‫ﻟﻠﺟﮭﺎز‬ ‫اﻟﺗﺷﻐﯾل‬ ‫ﻧظﺎم‬ ‫ﺗﺣدﯾد‬
.e
‫اﻟزﻣن‬ ‫ﻗﺎرن‬ ‫و‬ ‫اﻟﺳﺎﺑﻘﮫ‬ ‫اﻻواﻣر‬ ‫و‬ ‫اﻟﺳﺎﻋﺔ‬ ‫و‬ ‫اﻟﺗﺎرﯾﺦ‬ ‫ﺳﺟل‬
‫اﻟﺣﺎﻟﻲ‬ ‫ﺑﺎﻟزﻣن‬ ‫اﻟﻣﺷﺗﺑﮫ‬ ‫اﻟﺟﮭﺎز‬ ‫ﻋﻠﻰ‬
.f
‫اﻟﻣﻠﻔﺎت‬ ‫ﻋﻠﻲ‬ ‫ﺗﺷﻔﯾر‬ ‫ﯾﺳﺗﻌﻣل‬ ‫ﺑﮫ‬ ‫اﻟﻣﺷﺗﺑﮫ‬ ‫اﻟﺟﮭﺎز‬ ‫ھل‬ ‫ﺗﺄﻛد‬
.g
‫ﺟﻣﻊ‬ ‫ﻋﻧد‬ ‫ﻋﺎﻟﯾﺔ‬ ‫ﺻﻼﺣﯾﺎت‬ ‫ﺑﮭﺎ‬ ‫أدوات‬ ‫اﺳﺗﻌﻣﺎل‬ ‫ﻋدم‬
‫اﻟﻣﻌﻠوﻣﺎت‬
.h
‫واﻟﺗﺎرﯾﺦ‬ ‫اﻟزﻣن‬ ‫ﺑﺗﺳﺟﯾل‬ ‫ﻗم‬ ‫اﻟﺗﺣﻘﯾق‬ ‫أدوات‬ ‫اﺳﺗﻌﻣﺎل‬ ‫ﻋﻧد‬
‫ﻟﻠﻣراﺟﻌﮫ‬

9. ‫ﯾﺘﺒﻊ‬ .b
‫اﻟﻣوﺟودة‬ ‫اﻟﺳﺟﻼت‬ ‫ﻛل‬ ‫ﺟﻣﻊ‬
.c
‫اﻟﺣﺎﻟﺔ‬ ‫ﻟﺗوﺛﯾق‬ ‫اﻟﺟﮭﺎز‬ ‫ﯾﻌﻣل‬ ‫ﻛﺎن‬ ‫اذا‬ ‫اﻟﺷﺎﺷﺔ‬ ‫ﺗﺻوﯾر‬
‫اﻟراھﻧﺔ‬
.d
‫ﺑﮫ‬ ‫اﻟﻣﺷﺗﺑﮫ‬ ‫ﻟﻠﺟﮭﺎز‬ ‫اﻟﺗﺷﻐﯾل‬ ‫ﻧظﺎم‬ ‫ﺗﺣدﯾد‬
.e
‫اﻟزﻣن‬ ‫ﻗﺎرن‬ ‫و‬ ‫اﻟﺳﺎﺑﻘﮫ‬ ‫اﻻواﻣر‬ ‫و‬ ‫اﻟﺳﺎﻋﺔ‬ ‫و‬ ‫اﻟﺗﺎرﯾﺦ‬ ‫ﺳﺟل‬
‫اﻟﺣﺎﻟﻲ‬ ‫ﺑﺎﻟزﻣن‬ ‫اﻟﻣﺷﺗﺑﮫ‬ ‫اﻟﺟﮭﺎز‬ ‫ﻋﻠﻰ‬
.f
‫اﻟﻣﻠﻔﺎت‬ ‫ﻋﻠﻲ‬ ‫ﺗﺷﻔﯾر‬ ‫ﯾﺳﺗﻌﻣل‬ ‫ﺑﮫ‬ ‫اﻟﻣﺷﺗﺑﮫ‬ ‫اﻟﺟﮭﺎز‬ ‫ھل‬ ‫ﺗﺄﻛد‬
.g
‫ﺟﻣﻊ‬ ‫ﻋﻧد‬ ‫ﻋﺎﻟﯾﺔ‬ ‫ﺻﻼﺣﯾﺎت‬ ‫ﺑﮭﺎ‬ ‫أدوات‬ ‫اﺳﺗﻌﻣﺎل‬ ‫ﻋدم‬
‫اﻟﻣﻌﻠوﻣﺎت‬
.h
‫واﻟﺗﺎرﯾﺦ‬ ‫اﻟزﻣن‬ ‫ﺑﺗﺳﺟﯾل‬ ‫ﻗم‬ ‫اﻟﺗﺣﻘﯾق‬ ‫أدوات‬ ‫اﺳﺗﻌﻣﺎل‬ ‫ﻋﻧد‬
‫ﻟﻠﻣراﺟﻌﮫ‬

10. ‫ﯾﺘﺒﻊ‬ .i
‫أي‬ ‫ﻣن‬ ‫ﺧﺎﻟﯾﺔ‬ ‫و‬ ‫اﻟﻣﮭﯾﺋﮫ‬ ‫اﻻﻗراص‬ ‫ﻓﻲ‬ ‫ﺣﻔظﮭﺎ‬ ‫و‬ ‫اﻟﻣؤﻗﺗﮫ‬ ‫اﻟذاﻛرة‬ ‫ﺟﻣﻊ‬
removable devices ‫ﻣﻌﻠوﻣﺎت‬
.j
‫ﻓﻲ‬ ‫ﺣﻔظﮭﺎ‬ ‫و‬ ‫اﻟﺗﺷﻐﯾل‬ ‫ﻧظﺎم‬ ‫ﻓﻲ‬ ‫اﻟﻣوﺟودة‬ ‫اﻟﺳﺟﻼت‬ ‫ﻛل‬ ‫ﺟﻣﻊ‬
‫أﻋﻼه‬ ‫اﻟﻧﻘطﺔ‬ ‫ﻓﻲ‬ ‫ﻟﻺزاﻟﺔ‬ ‫اﻟﻘﺎﺑﻠﺔ‬ ‫اﻷﻗراص‬
.k
‫ﯾﺗﻌﻠق‬ ‫ﺷﻲء‬ ‫أي‬ ‫و‬ ‫اﻟﺻﻠب‬ ‫اﻟﻘرص‬ ‫او‬ ‫اﻟﺟﮭﺎز‬ ‫اﺧذ‬ ‫طرﯾﻘﺔ‬ ‫ﺗﺣدﯾد‬
‫ﺑﺎﻟﺣﺎدﺛﺔ‬
.l
‫ﺟﻣﻊ‬ ‫ﻓﻲ‬ ‫اﺗﺧذت‬ ‫ﺧطوة‬ ‫أي‬ ‫ﻓﯾﮫ‬ ‫ﯾوﺛق‬ ‫وﺷﺎﻣل‬ ‫ﻛﺎﻣل‬ ‫ﺗﻘرﯾر‬ ‫ﺗﺟﮭﯾز‬
‫اﻷدﻟﺔ‬ ‫وﺗﺣﺻﯾل‬

11. ‫اﻟﺜﺎﺑﺘﺔ‬ ‫اﻟﺒﯿﺎﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫اﻟﺤﺼﻮل‬ :‫اﻟﺛﺎﺑﺗﺔ‬ ‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﺗﻌرﯾف‬
‫ﺗﺷﻐﯾل‬ ‫اﻋﺎدة‬ ‫او‬ ‫ﺑﺎﻏﻼق‬ ‫ﺗﺗﻐﯾر‬ ‫ﻻ‬ ‫اﻟﺗﻲ‬ ‫اﻟﺑﯾﻧﺎت‬ ‫أﻧﮭﺎ‬ ‫ﻋﻠﻰ‬ ‫ﺗﻌرف‬
‫اﻟﻣﺣﻣول‬ ‫او‬ ‫اﻟﺣﺎﺳب‬ ‫ﺟﮭﺎز‬
:‫اﻟﺛﺎﺑﺗﺔ‬ ‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫ﺗﺣﺗوي‬ ‫اﻟﺗﻲ‬ ‫اﻷﻗراص‬ ‫أﻧواﻋﮭﺎ‬
‫ﻣﺿﻐوطﺔ‬ ‫أﻗراص‬ ‫و‬ ‫ذاﻛرة‬ ‫أﻗراص‬ ‫و‬ ‫ﺻﻠﺑﮫ‬ ‫أﻗراص‬
:‫اﻟﺛﺎﺑﺗﺔ‬ ‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫أﻣﺛﻠﺔ‬
‫اﻟﻣﺑﺎدﻟﺔ‬ ‫ﻣﻠﻔﺎت‬ ‫و‬ ‫اﻟرﻛود‬ ‫وﻣﺳﺎﺣﺔ‬ ‫واﻟﻣﻠﻔﺎت‬ ‫اﻻﻟﻛﺗروﻧﻲ‬ ‫اﻟﺑرﯾد‬

12. ‫أﺳﺎﺳﯿﺔ‬ ‫ﻗﻮاﻋﺪ‬ ‫اﻷﺳﺎﺳﻲ‬ ‫اﻟدﻟﯾل‬ ‫ﻋﻠﻰ‬ ‫ﺗﻌﻣل‬ ‫ﻻ‬
‫اﻟدﻟﯾل‬ ‫ﻣن‬ ‫ﻧﺳﺧﺗﯾن‬ ‫ﺑﻧﺳﺦ‬ ‫ﻗم‬
: ‫اﻷﺳﺎﺳﻲ‬
●
‫و‬ ‫ﻟﻠﺗﺣﻠﯾل‬ ‫ﺗﺳﺗﻌﻣل‬ ‫اﻷوﻟﻰ‬
‫اﻟﺗﺣﻘق‬
●
‫اﻟﻧﺳﺧﺔ‬ ‫ﺣﺎﻟﺔ‬ ‫ﻓﻲ‬ ‫ﺗﺣﻔظ‬ ‫اﻟﺛﺎﻧﯾﺔ‬
‫ﺗﻌﻣل‬ ‫ﺗﻌد‬ ‫ﻟم‬ ‫اﻷوﻟﻰ‬

13. ‫اﻟﺪﻟﯿﻞ‬ ‫ﻣﻦ‬ ‫ﻧﺴﺨﺘﯿﻦ‬ ‫ﺗﻨﺴﺦ‬ ‫ﻟﻤﺎذا‬ ●
‫اﻷﺳﺎﺳﻲ‬ ‫اﻟدﻟﯾل‬ ‫ﺣﻔظ‬
●
‫اﻻﺳﺎﺳﻲ‬ ‫اﻟدﻟﯾل‬ ‫ﺗﻌدﯾل‬ ‫ﺗﻣﻧﻊ‬
‫اﻟﻔﺣص‬ ‫اﺛﻧﺎء‬
●
‫إﺿﺎﻓﯾﺔ‬ ‫ﻧﺳﺦ‬ ‫ﻧﺳﺦ‬ ‫ﻓرﺻﺔ‬ ‫ﺗﺗﯾﺢ‬
●
‫طﺑق‬ ‫ﺗﻛون‬ ‫اﻹﺿﺎﻓﯾﺔ‬ ‫اﻟﻧﺳﺦ‬
‫اﻷﺳﺎﺳﻲ‬ ‫اﻟدﻟﯾل‬ ‫ﻣن‬ ‫اﻷﺻل‬

14. ‫ﻧﺴﺦ‬ vs ‫ﻟﻸﺻﻞ‬ ‫ﻣﻄﺎﺑﻘﺔ‬ ‫ﻧﺴﺨﺔ‬
‫ﻋﺎدي‬
:‫ﻟﻸﺻل‬ ‫ﻣطﺎﺑﻘﺔ‬ ‫ﻧﺳﺧﺔ‬
●
bit-by-bit copy ‫ﺗﺳﻣﻲ‬
●
‫اﻟﻔﺎرﻏﺔ‬ ‫اﻟﻣﺳﺎﺣﺎت‬ ‫ﻣﻌﮭﺎ‬ ‫ﺗﻧﻘل‬
‫اﻟﻣﻠﻔﺎت‬ ‫و‬ ‫اﻟﻣﻠﻔﺎت‬ ‫ﺑﯾن‬
‫اﻟﻣﻌﻠوﻣﺎت‬ ‫وﻛل‬ ‫اﻟﻣﺣذوﻓﺔ‬
●
‫وھﻲ‬ CRC ‫ﺗﻘﻧﯾﺔ‬ ‫ﻋﻠﻰ‬ ‫ﺗﻌﺗﻣد‬
‫ﺑﻌد‬ ‫اﻟﻧﺳﺧﺔ‬ ‫ﺻﺣﺔ‬ ‫ﻣراﺟﻌﺔ‬
‫اﻟﻧﺳﺦ‬

15. ‫ﻧﺴﺦ‬ vs ‫ﻟﻸﺻﻞ‬ ‫ﻣﻄﺎﺑﻘﺔ‬ ‫ﻧﺴﺨﺔ‬
‫ﻋﺎدي‬
:‫ﻋﺎدي‬ ‫ﻧﺳﺦ‬
●
‫ﻋﺎدي‬ ‫ﻧﺳﺦ‬ ‫اﻟﻣﻌﻠوﻣﺎت‬ ‫اﻧﺳﺦ‬
●
‫ﺑﯾن‬ ‫اﻟﻔﺎرﻏﺔ‬ ‫اﻟﻣﺳﺎﺣﺎت‬ ‫ﺗﻧﻘل‬ ‫ﻻ‬
‫اﻟﻣﺣذوﻓﺔ‬ ‫اﻟﻣﻠﻔﺎت‬ ‫أو‬ ‫اﻟﻣﻠﻔﺎت‬
●
‫ﻓﻲ‬ ‫ﯾﻐﯾر‬ ‫اﻟﻌﺎدي‬ ‫اﻟﻧﺳﺦ‬
‫ﺗم‬ ‫ﻣﺗﻰ‬ ‫ھﻲ‬ ‫و‬ timestamp
‫ﺗم‬ ‫ﻣﺗﻰ‬ ‫و‬ ‫اﻟﻣﻠف‬ ‫ﺻﻧﻊ‬
‫اﻟﯾﮫ‬ ‫اﻟوﺻول‬

16. ‫اﻟﻤﻠﻔﺎت‬ ‫اﻟﺤﺼﻮل‬ ‫ﺧﻄﻮات‬
‫وﻧﺴﺨﮭﺎ‬
.1
‫اﻷدﻟﺔ‬ ‫دورة‬ ‫ﺳﻠﺳﻠﺔ‬ ‫ﺗﺟﮭﯾز‬
.2
‫اﻟدﻟﯾل‬ ‫ﻋﻠﻰ‬ ‫اﻟﻛﺗﺎﺑﺔ‬ ‫ﻋدم‬ ‫ﺗﻣﻛﯾن‬
‫اﻷﺳﺎﺳﻲ‬
.3
‫إﻟﯾﮫ‬ ‫اﻟﻣﻧﻘول‬ ‫اﻟﻘرص‬ ‫ﺗﻌﻘﯾم‬
.4
‫ﻧﻘﻠﮭﺎ‬ ‫اﻟﻣراد‬ ‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﻧوع‬ ‫ﺗﺣدﯾد‬
.5
‫ﻧﻘل‬ ‫طرﯾﻘﺔ‬ ‫أﻓﺿل‬ ‫ﺗﺣدﯾد‬
.6
‫اﻟدﻟﯾل‬ ‫ﻋﺑر‬ ‫ﺗﻧﻘل‬ ‫اﻟﺗﻲ‬ ‫اﻷداة‬ ‫اﺧﺗﯾﺎر‬
.7
‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﻋﻠﻰ‬ ‫اﻟﺣﺻول‬
.8
‫ﺑدﯾﻠﺔ‬ ‫ﺧطﺔ‬ ‫ﺗﺟﮭﯾز‬
.9
‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﻋﻠﻰ‬ ‫اﻟﺣﺻول‬ ‫ﻣن‬ ‫اﻟﺗﺄﻛد‬

17. ‫اﻟﺪﻟﯿﻞ‬ ‫ﻋﻠﻰ‬ ‫اﻟﻜﺘﺎﺑﺔ‬ ‫ﻋﺪم‬ ‫ﺗﻤﻜﯿﻦ‬
‫اﻷﺳﺎﺳﻲ‬
‫اﻟدﻟﯾل‬ ‫ﻋﻠﻰ‬ ‫اﻟﻛﺗﺎﺑﺔ‬ ‫ﻋدم‬ ‫ﺗﻣﻛن‬ ‫اﻟﺗﻲ‬ ‫اﻷدوات‬ ‫ﺑﻌض‬
:‫اﻷﺳﺎﺳﻲ‬
:Hardware
●
WiebeTech CRU
●
USB Blocker
●
Tableau forensic bridges
:‫ﺑراﻣﺞ‬ Software
●
Safeblock
●
MAC forensic Lab write controller

18. ‫اﻟﯿﮫ‬ ‫اﻟﻨﻘﻞ‬ ‫اﻟﻤﺮاد‬ ‫اﻟﻘﺮص‬ ‫ﺗﻌﻘﯿﻢ‬ : ‫ﻗراءة‬
NIST SP 800-88

19. ‫اﻟﻤﺮاد‬ ‫اﻟﻤﻌﻠﻮﻣﺎت‬ ‫أﻧﻮاع‬ ‫ﺗﺤﺪﯾﺪ‬
‫ﻋﻠﯿﮭﺎ‬ ‫اﻟﺤﺼﻮل‬
.1
‫ﺧﺎم‬ ‫ﻣﻌﻠوﻣﺎت‬
.2
‫اﻧواع‬ ‫ﻟدﯾﮭﺎ‬ ‫اﻟﺗﺟﺎرﯾﺔ‬ ‫اﻷدوات‬ :‫اﻣﺗﻼﻛﯾﺔ‬ ‫ﻣﻌﻠوﻣﺎت‬
‫اﻷﺷﻛﺎل‬ ‫ﻣن‬ ‫ﻣﻌﯾﻧﮫ‬
.3
Advanced Forensic : Format (AFF
‫ﻟﯾﻧﻛس‬ ‫ﻣﺛل‬ ‫اﻟﻣﻔﺗوﺣﮫ‬ ‫اﻟﻣﺻﺎدر‬ ‫ﻣن‬ ‫اﻷﻧواع‬ ‫ھذه‬
.4
Advanced Forensic Framework 4
‫ﻣﺗﻘدم‬ ‫ﺟﻧﺎﺋﻲ‬ ‫إطﺎر‬
.5
‫ﻣﺻداﻗﯾﺔ‬ ‫ﺗﺳﺗﻌﻣل‬ :Generic forensic Zip
Hashes ‫اﻟﻣﻠﻔﺎت‬
.6

20. ‫اﻟﻤﻌﻠﻮﻣﺎت‬ ‫ﻋﻠﻰ‬ ‫اﻟﺤﺼﻮل‬ ‫طﺮق‬ :‫ﺻورة‬ ‫اﻟﻲ‬ ‫ﺻﻠب‬ ‫ﻗرص‬ ‫ﻣن‬
:‫اﻻدوات‬
Prodiscover, EnCase, FTK, The Sleuth kit,
X
Ways Forensics
:‫ﺻﻠب‬ ‫ﻗرص‬ ‫اﻟﻰ‬ ‫ﺻﻠب‬ ‫ﻗرص‬ ‫ﻣن‬
:‫اﻻدوات‬
EnCase, Symantec Ghost
‫اﻛﺑر‬ ‫او‬ ‫ﻣﺳﺎوي‬ ‫اﻟﯾﮫ‬ ‫اﻟﻧﻘل‬ ‫اﻟﻣراد‬ ‫اﻟﻘرص‬ ‫ﯾﻛون‬ ‫ان‬ ‫ﺷﯾﺊ‬ ‫اھم‬
‫ﻣﻧﮫ‬ ‫اﻟﻣﻧﻘول‬ ‫اﻟﻘرص‬ ‫ﻣن‬
RAID ‫و‬ outlook.pst/ost ‫ﻧﻘل‬ ‫أﯾﺿﺎ‬ ‫ﯾﻣﻛن‬

21. ‫اﻟﻨﻘﻞ‬ ‫طﺮق‬ ‫أﻓﻀﻞ‬ ‫ﺗﺤﺪﯾﺪ‬ .1
‫ﯾﺟب‬ :‫ﻣﻧﮫ‬ ‫اﻟﻣﻧﻘول‬ ‫اﻟﻘرص‬ ‫ﺣﺟم‬ ‫ﺗﺣدﯾد‬
‫ﺣﺟم‬ ‫ﻛﺎن‬ ‫إذا‬ ‫ﺗﺻﻐﯾر‬ ‫طرق‬ ‫اﺳﺗﻌﻣﺎل‬
‫اﻟﻣﻧﻘول‬ ‫ﻣن‬ ‫أﻛﺑر‬ ‫ﻣﻧﮫ‬ ‫اﻟﻣﻧﻘول‬ ‫اﻟﻘرص‬
‫إﻟﯾﮫ‬
.2
‫ﻋﻣﻠﯾﺔ‬ ‫أﺛﻧﺎء‬ ‫اﻟﻘرص‬ ‫إﺑﻘﺎء‬ ‫ﯾﻣﻛن‬ ‫ھل‬
‫ﻧﺳﺧﺔ‬ ‫ﻋﻣل‬ ‫ﯾﺟب‬ :‫اﻟﻔﺣص‬ ‫أو‬ ‫اﻟﻧﻘل‬
‫ﺻﺣﯾﺣﺔ‬
.3
:‫ﻛﺑﯾرا‬ ‫ﻧﻘﻠﮫ‬ ‫اﻟﻣراد‬ ‫اﻟﻘرص‬ ‫ﺣﺟم‬ ‫ﻛﺎن‬ ‫إذا‬
‫ﺗﺣﻔظ‬ ‫ﻻﻧﮭﺎ‬ Tapes ‫اﺳﺗﻌﻣﺎل‬ ‫ﯾﻣﻛن‬
TB ‫ﺗﺻل‬ ‫اﻟﻣﻠﻔﺎت‬ ‫ﻣن‬ ‫ﻛﺑﯾر‬ ‫ﺣﺟم‬

22. :‫اﻻدوات‬ ‫اﻓﻀﻞ‬ ‫ﺗﺤﺪﯾﺪ‬ :‫اﻷدوات‬ ‫ﻓﻲ‬ ‫أﺳﺎﺳﯾﺔ‬ ‫ﻣﺗطﻠﺑﺎت‬
●
‫اﻷﺳﺎﺳﻲ‬ ‫اﻟدﻟﯾل‬ ‫ﺗﻐﯾر‬ ‫ﻻ‬ ‫اﻻداة‬
●
‫اﻟﻧﻘل‬ ‫ﻟﻠﺳﺟﻼت‬ ‫اﻟوﺻول‬
●
‫ﻋﺎﻟﻣﯾﺎ‬ ‫ﻣﻌروﻓﮫ‬ ‫اﻻداه‬
●
‫اﻟﻣﻧﻘول‬ ‫اﻟﻘرص‬ ‫ﻛﺎن‬ ‫إذا‬ ‫اﺷﻌﺎر‬ ‫ﺗرﺳل‬ ‫اﻻداة‬
‫ﻣﻧﮫ‬ ‫اﻟﻣﻧﻘول‬ ‫اﻟﻘرص‬ ‫ﻣن‬ ‫أﻛﺑر‬ ‫إﻟﯾﮫ‬
●
‫ﻟﻸﻗراص‬ ‫اﻟﻛواﺑل‬ ‫أﻧواع‬ ‫ﺟﻣﯾﻊ‬ ‫ﻣﻊ‬ ‫ﺗﺗﻌﺎﻣل‬
‫اﻟﺻﻠﺑﺔ‬
●
bitstream copy ‫ﺑﻌﻣل‬ ‫ﺗﻘوم‬
●
‫اﻟﻣﻛﺗوب‬ ‫ﺣﺳب‬ ‫ﺗﻛون‬ ‫اﻟﻧﺳﺦ‬ ‫ﻣن‬ ‫اﻟﻣﺧرﺟﺎت‬
‫ﻟﻼداة‬ ‫اﻟﺗﻌرﯾﻔﯾﺔ‬ ‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﻓﻲ‬

23. :‫اﻻدوات‬ ‫اﻓﻀﻞ‬ ‫ﺗﺤﺪﯾﺪ‬ :‫اﻷدوات‬ ‫ﻓﻲ‬ ‫ﻓرﻋﯾﺔ‬ ‫ﻣطﻠوﺑﺎت‬
●
‫ﻟﻠﺗﺄﻛد‬ hashes ‫ال‬ ‫ﺗﺣﺳب‬
‫اﻟﻧﺳﺦ‬ ‫ﻣﺻداﻗﯾﺔ‬ ‫ﻣن‬
●
‫ﻣﻣﻛن‬ ‫اﻟﻧﺳﺦ‬ ‫ﻣن‬ ‫اﻟﻣﺧرﺟﺎت‬
‫ﻻﺣﺟﺎم‬ ‫ﺗﻘﺳم‬
●
‫ﻓﯾﮭﺎ‬ ‫اﻟﺑﺣث‬ ‫ﯾﻣﻛن‬ ‫ﺳﺟﻼت‬ ‫ﻟﮭﺎ‬
●
‫ﺷﻛل‬ ‫ﻋﻠﻰ‬ ‫ﻧﺳﺧﺔ‬ ‫ﻋﻣل‬ ‫ﺗﺳﺗطﯾﻊ‬
‫ﺻورة‬

24. :‫اﻻدوات‬ :Hardware
.1
Utra kit
.2
Forensic Falcon
.3
T3ui Forensic SATA
.4
Triage responder
.5
Atola insight forensic
.6
XRY office

25. :‫اﻻدوات‬ :Software ‫اﻟﺑراﻣﺞ‬
.1
EnCase Forensic
.2
DriveSpy
.3
X Ways forensic
.4
Prodiscover Forensic
.5
F-responder imager
.6
Data Acquisition
Toolbox

26. : ‫اﻟﻠﻨﻜﺲ‬ ‫ادوات‬ : ‫اداﺗﺎن‬ ‫ﻟﮫ‬ ‫اﻟﻠﻧﻛس‬
dd, dcfldd
:‫اﻷواﻣر‬
●
dd if=/dev/hda of=
/dev/Cas5img1
●
dcfldd if=/dev/sda
of=using.dat
●
dcfldd if=/dev/sda split 2M
of=usb img. hash=md5

27. :‫اﻟﻮﯾﻨﺪوز‬ ‫أدوات‬ : ‫اﻟوﯾﻧدوز‬
●
FTK

28. :RAID ‫ﻋﻠﻲ‬ ‫اﻟﺤﺼﻮل‬ :‫اﻻدوات‬
●
Guidance Software
EnCase
●
X Ways forensics
●
Runtime software
●
R-Tools
-technologies

29. :‫ﺑﻌﺪ‬ ‫ﻋﻦ‬ ‫اﻟﻤﻌﻠﻮﻣﺎت‬ ‫ﻧﻘﻞ‬ ‫اﻟﻣﺷﺎﻛل‬ ‫ﺑﻌض‬ ‫ﻟﮭﺎ‬
●
‫اﻟﺷﺑﻛﮫ‬ ‫ﻛﺎﻧت‬ ‫اذا‬ ‫اﻟﻧﻘل‬ ‫ﺳرﻋﺔ‬
‫ﻣزدﺣﻣﺔ‬
●
‫ﻟﻧﻘل‬ ‫ﺑﺎﻟﻧﺳﺑﺔ‬ ‫اﻟﺻﻼﺣﯾﺎت‬
‫اﻟﻣدن‬ ‫ﻋﺑر‬ ‫اﻟﻣﻌﻠوﻣﺎت‬
●
‫ﺑﻌض‬ ‫وﻗﻔﮭﺎ‬ ‫ﻗد‬ ‫ﺑﻌد‬ ‫ﻋن‬ ‫اﻟﻧﻘل‬
‫اﻟﻔﯾروﺳﺎت‬ ‫ﻣﻛﺎﻓﺣﺔ‬ ‫ﺑراﻣﺞ‬

30. :‫اﻟﺒﺪﯾﻠﺔ‬ ‫اﻟﺨﻄﺔ‬ ‫ﺑدﯾﻠﺔ‬ ‫ﺧطط‬ ‫ﻟﻠﻣﺣﻘق‬ ‫ﯾﻛون‬ ‫أن‬ ‫ﯾﺟب‬
●
‫ﺗوﻗﻔت‬ ‫إذا‬ ‫ﻧﺳﺧﺗﯾن‬ ‫ﻋﻣل‬
‫اﻷﺧرى‬ ‫اﺷﺗﻐﻠت‬ ‫أﺣدھﻣﺎ‬
●
‫و‬ ‫ﻟﻠﻧﺳﺦ‬ ‫اداﺗﯾن‬ ‫اﺳﺗﻌﻣﺎل‬
‫اﻟﻧﺗﺎﺋﺞ‬ ‫ﻣﻘﺎرﻧﺔ‬
●
‫اﻟﺗﺷﻔﯾر‬ ‫ﺗﻔك‬ ‫أدوات‬ ‫اﺳﺗﻌﻣﺎل‬

31. ‫ﻋﻠﻰ‬ ‫اﻟﺤﺼﻮل‬ ‫ﻣﺮاﺟﻌﺔ‬
:‫اﻟﻤﻌﻠﻮﻣﺎت‬
:‫اﻟﻧﺳﺦ‬ Hashes ‫ﻣﺻداﻗﯾﺔ‬ ‫ﻟﻣراﺟﻌﺔ‬ ‫أدوات‬ ‫اﺳﺗﻌﻣﺎل‬ ‫ﯾﺟب‬
●
CRC-32
●
MD5
●
SHA-1 and SHA-256
:‫اﻟﻠﻧﻛس‬ ‫ﻓﻲ‬ ‫اﻟﻣﺻداﻗﯾﮫ‬ ‫ﻣراﺟﻌﺔ‬ ‫ادوات‬
●
dd
●
dcfldd
‫ﺧﺎرﺟﯾﺔ‬ ‫أدوات‬ ‫ﻟﮫ‬ ‫اﻟوﯾﻧدوز‬ :‫اﻟوﯾﻧدوز‬ ‫ﻓﻲ‬ ‫اﻟﻣﺻداﻗﯾﮫ‬ ‫ﻣراﺟﻌﺔ‬ ‫أدوات‬
●
Xways
●
EnCase
●
FTK
●
Prodiscover

32. ‫ﻋﻠﻰ‬ ‫اﻟﺤﺼﻮل‬ ‫طﺮق‬ ‫اﻓﻀﻞ‬
:‫اﻟﻤﻌﻠﻮﻣﺎت‬
●
‫ﻟﮭم‬ ‫ﻟﻠﻣﺻرح‬ ‫ﻓﻘط‬ ‫اﻟﺳﻣﺎح‬
●
‫ﯾﻌﻣل‬ ‫ﻛﺎن‬ ‫إذا‬ ‫اﻟﻧظﺎم‬ ‫ﻻﺗﻐﻠق‬
●
‫واﻟﺑﺣث‬ ‫اﻟﻔﺣص‬ ‫ﻟﮭم‬ ‫اﻟﻣﺻرح‬ ‫اﻷﺷﺧﺎص‬ ‫ﻟﺳﺗﺔ‬ ‫وﺿﻊ‬
●
‫اﻟﺳﺎﻛﻧﺔ‬ ‫اﻟﻛﮭرﺑﺎء‬ ‫ﺿد‬ ‫ﺣﻣﺎﯾﺔ‬ ‫اﻛﯾﺎس‬ ‫ﻓﻲ‬ ‫ﺗوﺿﻊ‬ ‫اﻷﻗراص‬ ‫ﻛل‬
●
‫اﻟﻧظﺎم‬ ‫ﻋﻠﻰ‬ ‫اﻟدﺧول‬ ‫ﺗم‬ ‫ﻣره‬ ‫اﺧر‬ ‫ﻣﺗﻲ‬ ‫ﺗﺳﺟﯾل‬
●
‫دﻟﯾل‬ ‫ﻛل‬ ‫ﻋﻠﻲ‬ ‫ﻋﻼﻣﮫ‬ ‫وﺿﻊ‬
●
‫اﻟﻌﺎﻟﯾﺔ‬ ‫اﻟﺣرارة‬ ‫درﺟﺔ‬ ‫ﻣن‬ ‫اﻷدﻟﺔ‬ ‫ﺣﻣﺎﯾﺔ‬
●
‫ﻟﻼدﻟﮫ‬ ‫ﻟﻠوﺻول‬ ‫اﻟزﻣﻧﻲ‬ ‫اﻟﺗﺳﻠﺳل‬ ‫ﺗﺳﺟﯾل‬
●
‫ﻟﻸدﻟﺔ‬ ‫ﺑﻌد‬ ‫ﻋن‬ ‫اﻟوﺻول‬ ‫ﻣﻧﻊ‬
●
‫اﻷﺳﺎﺳﻲ‬ ‫ﺑﺎﻟﺟﮭﺎز‬ ‫ﻣوﺻوﻟﺔ‬ ‫ﺛﺎﻧوﯾﺔ‬ ‫أﻗراص‬ ‫ﻋن‬ ‫اﻟﺟرﯾﻣﺔ‬ ‫ﻣﺳرح‬ ‫ﻓﻲ‬ ‫اﻟﺑﺣث‬
●
‫وﻓﯾدﯾو‬ ‫ﺑﻛﺎﻣﯾرا‬ ‫اﻟﺟرﯾﻣﺔ‬ ‫ﻣﺳرح‬ ‫ﺗﺻوﯾر‬
●
‫اﻷﺳﺎﺳﻲ‬ ‫اﻟدﻟﯾل‬ ‫ﻋﻠﻰ‬ ‫ﺗﻌﻣل‬ ‫ﻻ‬
●
‫ﻟﺣﻔظﮭﺎ‬ ‫ﻣﻐﻠﻘﮫ‬ ‫أدراج‬ ‫و‬ ‫ﻣﻌﺗﻣد‬ ‫ﻣﻌﻣل‬ ‫ﻓﻲ‬ ‫اﻷدﻟﺔ‬ ‫وﺿﻊ‬
●
‫ﻓﯾﮫ‬ ‫ﻣﺷﺗﺑﮫ‬ ‫أو‬ ‫ﺷﺎھد‬ ‫ﻛﺎن‬ ‫اذا‬ ‫ﺑﺎﻟﺣﺎدث‬ ‫ﻋﻼﻗﺗﮫ‬ ‫و‬ ‫ﺷﺧص‬ ‫ﻛل‬ ‫ﺗﻔﺻﯾل‬
●
‫ﻧﻘﻠﮭﺎ‬ ‫ﻋﻧد‬ ‫اﻟﺻدﻣﺎت‬ ‫ﺿد‬ ‫ﺻﻧﺎدﯾق‬ ‫ﻓﻲ‬ ‫اﻟدﻻﺋل‬ ‫وﺿﻊ‬
●
‫اﻟﻣﻐﻧﺎطﯾﺳﯾﺔ‬ ‫اﻟﻣﺟﺎﻻت‬ ‫ﻣن‬ ‫اﻟدﻻﺋل‬ ‫أﺑﻌﺎد‬
●
‫ﺧﺎرﺟﯾﺔ‬ ‫أﻗراص‬ ‫ﻋﻠﻰ‬ ‫اﻟﻣﻔﺗوﺣﺔ‬ ‫اﻟﻣﻠﻔﺎت‬ ‫ﻣﺛل‬ ‫اﻟدﻻﺋل‬ ‫وﺿﻊ‬
●
‫اﻟﺳﺟﻼت‬ ‫ﺗﺣﻔظ‬ ‫ﺣﺗﻲ‬ ‫اﻟﺻﺣﯾﺣﺔ‬ ‫اﻟطرﯾﻘﺔ‬ ‫اﺗﺑﺎع‬ ‫اﻟﺟﮭﺎز‬ ‫ﻏﻠق‬ ‫ﻋﻧد‬
●
‫ﻋﺎﻟﯾﺔ‬ ‫ﻣوﺛوﻗﯾﺔ‬ ‫ذات‬ ‫اﻟﻣﺟﻣﻌﺔ‬ ‫اﻟﻣﻌﻠوﻣﺎت‬ ‫أن‬ ‫اﻟﺗﺄﻛد‬
●
‫اﻟﺟﮭﺎز‬ ‫ﻣن‬ ‫اﻟﻛﮭرﺑﺎء‬ ‫ﻛﯾﺑل‬ ‫ﺳﺣب‬ ‫ﻋدم‬
●
‫اﻟﻣرور‬ ‫ﻛﻠﻣﺎت‬ ‫ﻣﺛل‬ ‫اﻟﺣﺳﺎﺳﺔ‬ ‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﻣن‬ ‫اﻟﺗﺄﻛد‬
●
‫ﻟﻠﺣﺎدﺛﺔ‬ ‫اﻟﺻﻠﺔ‬ ‫ذات‬ ‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﻛل‬ ‫ﺟﻣﻊ‬
●
‫اﻷﺳﺎﺳﻲ‬ ‫اﻟدﻟﯾل‬ ‫ﻋﻠﻰ‬ ‫اﻟﻛﺗﺎﺑﺔ‬ ‫ﻋدم‬ ‫ﺗﻣﻛن‬ ‫أدوات‬ ‫اﺳﺗﻌﻣﺎل‬

33. ‫ﻋﻠﻰ‬ ‫اﻟﺤﺼﻮل‬ ‫طﺮق‬ ‫اﻓﻀﻞ‬
:‫اﻟﻤﻌﻠﻮﻣﺎت‬
.1
‫اﻟدﻟﯾل‬ ‫ﺗﻧﻘل‬ ‫ﺳﻠﺳﻠﺔ‬ ‫ﺣﻣﺎﯾﺔ‬
.2
‫ﺳﺑب‬ ‫ﻷي‬ ‫اﻷﺳﺎﺳﻲ‬ ‫اﻟدﻟﯾل‬ ‫ﺗﺳﺗﻌﻣل‬ ‫ﻻ‬
.3
‫او‬ ‫اﻟطﺎﺑﻌﮫ‬ ‫او‬ ‫اﻟﻔﺎرة‬ ‫ﻣﺛل‬ ‫اﻷﺟﮭزة‬ ‫ﻣن‬ ‫اﻟﺗﺄﻛد‬
‫اﻟﻧﺎﻗﺻﺔ‬
.4
‫ﻣن‬ ‫ﻷي‬ ‫اﻟﺗﺳﻠﺳﻠﻲ‬ ‫واﻟرﻗم‬ ‫اﻟﻣودﯾل‬ ‫ﺗﺳﺟﯾل‬
‫اﻷدﻟﺔ‬
.5
‫ﻣن‬ ‫ﯾﻣﻧﻊ‬ ‫اﻟﺟرﯾﻣﺔ‬ ‫ﻣﺳرح‬ ‫ﻋﻠﻰ‬ ‫ﺷرﯾط‬ ‫وﺿﻊ‬
‫ﻣﺻرح‬ ‫اﻟﻐﯾر‬ ‫اﻟوﺻول‬
.6
‫اﻟﻣوﺟودة‬ ‫اﻟﺑراﻣﺞ‬ ‫ﻋﻠﻰ‬ ‫اﻟﻣﻌﻠوﻣﺎت‬ ‫ﺣﻔظ‬
.7
shell ‫ﻓﻲ‬ ‫اﻟﻣﻔﺗوﺣﺔ‬ ‫اﻷواﻣر‬ ‫ﻣن‬ ‫اي‬ ‫ﺗﺳﺟﯾل‬