Use /images/diskimg1.dd, and focus on partition 2 of this image file. In this NTFS partition, what is the cluster size in bytes?
Size:

The NTFS file system views each file (or directory) as a set of file attributes. Elements such as the file's name, its security information, and even its data, are all file attributes. Each attribute is identified by an attribute type code and, optionally, an attribute name.

What is the attribute type code of the $FILE_NAME attribute?

What is the first disk block (not partition block) of the MFT and the MFT Mirror.
MFT:
MFT Mirror:

Use fls to see the files in the NTFS partition, and obtain the inode number for $Boot. Then use that in the istat command to discover the allocated size in bytes of the $Boot file.
Size:

What is the first and last cluster number allocated to this file? This information is often found on the last line of the istat output as a list of numbers.
First:
Last:

What is so special about $BOOT file?
Nothing special, just a file system metadata file. It is required to boot the operating system Contains the boot sector of the file system Stores information regarding boot sequence of the PC

In the NTFS partition there are a number of directories. In the docs directory there is a file called fatcat.jpg. What is its inode number in the format 00-000-0?
Inode id:

What is the size in bytes of the space allocated to store the file fatcat.jpg?
Size:

How many clusters are allocated to this file?
Total:

What is the first and last cluster number allocated to this file?
First:
Last: