About Computer Forensics
It is found Computer forensics, the separation of forensic science in relation to legal information in computers and digital media. Computer forensics is also known as digital forensics. (MSC Computer Forensics Course)
The aim of computer forensics is to explain the current state of digital artifacts. The term digital artifact can be a computer system, which includes the media (such as disk or CD-ROM), electronic document (eg, email, or image JPEG) or a series of packets entering the network. Application can be as simple as “What information are you here?” and how detailed “What is the sequence of events for the current situation? [1]
Areas of computer forensics has a value in itself, such as a firewall forensics, forensic examination of networks, databases, forensic medicine and forensic examination of mobile devices.
There are many reasons for using the techniques of computer forensics :
- In legal cases, computer forensic techniques are often used to analyze computer systems belonging to defendants (in criminal cases) or litigation (civil cases).
- To obtain the data in case of hardware or software.
- To analyze the computer after the theft, for example, to determine how an attacker to gain access and that the intruder.
- He wants to complete the collection of evidence against the employee organization.
- For information about the computer systems work for debugging, performance optimization, or reverse engineering.
Special measures should be taken during the forensic examination, if you want the results will be used in court. One of the most important steps to ensure that the test was correct and that was a clear chain of custody from the crime scene investigator — and ultimately the court. The need to preserve the integrity of digital evidence examiners to perform and comply with the British Association of Chiefs of Police (ANP) guidelines [2]. They consist of the following four principles: –
Principle number 1: No action on the part of law enforcement agencies or their representatives must be made on a computer or storage media which can then be invoked in the courts, rather than change it.
Principle number 2: In exceptional cases, when a person considers it necessary, the original data stored on your computer or on storage media, that person should be able to do this and be able to explain, demonstrate the importance and consequences of access shares.
There Principle 3: Audit and all other processes used in computer electronic evidence will be created and saved. An independent third party should be in a position to verify processes and achieve the same result.
Principle number 4: a person who cares about the investigation (for staff), the overall responsibility for ensuring that they comply with the law and these principles.
Related posts:
- COFEE-Digital Forensics Tool from Microsoft Microsoft signed an agreement with the National White Collar Crime...
- hacker arrested after perforated 3000 computer SYDNEY, An Australian hacker was sentenced after a successful infecting...
- What’s With the Free Laptop Computer Deal? There’s a new trend in town that is fast gaining...
- Computer Technology can make people Stress ? Computer Technology – Crash on the machine, very slow boot...
- Western Digital Revenues reached $ 2, 6 Billion Hardware News – Western Digital (WD) Corp. reported revenue of...
||