Digital Forensics
From the first e-Activity, discuss the fundamental advantages that the commercial forensic packages offered to forensic investigators.
The fundamental advantages that commercial forensic packages that are offered to forensic investigators include the increase ability to obtain information from a system without altering details. Because this is a primary objective this allows conclusive objectivity in the gathering and also retain the integrity of the information gathered. Also, a good forensic package must cover the basic forensic functions described as follows: importing data, hashing, wiping, imaging, and search capabilities.
Further there is some forensic packages that are free and even the more costly packages proves to be invaluable and with the use of this inquisitive squirrel like program it proves its value because some deleted data or parts of it can be recovered and usable in court. Lack of a physical file name does not mean the segment file can’t be recovered with this software. Consequently, differing software has unique facets that allow maneuverability and writing of small programs, analysis and scripts that perform customized searching and filtering and imaging capability.
Next, speculate on whether there is an overall disadvantage(s) to using commercial packages in digital forensics. Justify your response.
As with advantages there will also be disadvantages to using commercial packages in digital forensics and that includes the selection of an appropriate software package to facilitate the correct tasks that need to be done. Further the high price tag, privacy concerns and data corruption are some of the disadvantages that string along with the benefits. Even though the disadvantages exist the advantages outweigh the disadvantages and become an incentive to use.
http://www.ehow.com/list_6754332_disadvantages-computer-forensics.html
From the second e-Activity, discuss the key process that a forensic analyst could use in order to preserve the verifiable integrity of digital evidence.
The key process that a forensic analyst could use in order to preserve the verifiable integrity of digital evidence is to provide a witness signature that is a confirmation and a competent recording. Further a webcam legal signature can be done as well as chain of custody that is reflective of the authentification process.
http://www.edtechmagazine.com/higher/article/2006/10/how-preserve-digital-evidence-case-legal-investigation
Next, identify the main tools or technologies that the forensic analyst could use in order to ensure that the original evidence is unmodified.
Some of the main tools or technologies that the forensic analyst could use in order to ensure that the original evidence is unmodified is as follows:
• Disk and data capture tools
• File viewers
• File analysis tools
• Registry analysis tools
• Internet analysis tools
• Email analysis tools
• Mobile devices analysis tools
• Mac OS analysis tools
• Network forensics tools
• Database forensics tools
Even at its best there will be some alteration that is not major and will not hinder the legal process of being admissible evidence as competent and correct.
http://resources.infosecinstitute.com/computer-forensics-tools/
Reply to co-student #1
I disagree, some packages have limited ability or only do certain tasks and are not multi-usable software that allows maneuverability. Further I agree that the selection is made on choice and its prevalent need to complete task to obtain information that will facilitate and nail a case.
Also, that these steps you listed should be done to get the task done correctly to gather information to present in court as admissible evidence.
Thank you.
Felicia
Reply to co-student #2
I agree with you that the collecting of digital data is an analytical fashion with concerns of reporting is the correct way to retain ability for legal admissity. Also, that objectivity is a must and steps has to be done in a methodological way for consistency and documentation ability. Further, the software for a forensic investigator is a tool and allows the evidence collected to not be challenged.
Thank you.
Felicia
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment