CS6963-WK 4-BesPractices_for_Computer_Forensics

CS6963-WK 4-BesPractices_for_Computer_Forensics -...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
Scientific Working Group on Digital Evidence Best Practices for Computer Forensics Disclaimer: As a condition to the use of this document and the information contained therein, the SWGDE requests notification by e-mail before or contemporaneous to the introduction of this document, or any portion thereof, as a marked exhibit offered for or moved into evidence in any judicial, administrative, legislative or adjudicatory hearing or other proceeding (including discovery proceedings) in the United States or any Foreign country. Such notification shall include: 1) The formal name of the proceeding, including docket number or similar identifier; 2) the name and location of the body conducting the hearing or proceeding; 3) subsequent to the use of this document in a formal proceeding please notify SWGDE as to its use and outcome; 4) the name, mailing address (if available) and contact information of the party offering or moving the document into evidence. Notifications should be sent to [email protected] Redistribution Policy: SWGDE grants permission for redistribution and use of all publicly posted documents created by SWGDE, provided that the following conditions are met: 1. Redistributions of documents or parts of documents must retain the SWGDE cover page containing the disclaimer. 2. Neither the name of SWGDE nor the names of contributors may be used to endorse or promote products derived from its documents. 3. Any reference or quote from a SWGDE document must include the version number (or create date) of the document and mention if the document is in a draft status. SWGDE Best Practices for Computer Forensics Version 2.1 (July 2006) This document includes a cover page with the SWGDE disclaimer. Page 1 of 11
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
PURPOSE The purpose of this document is to describe the best practices for computer forensics. This document is not all inclusive and does not contain information relative to specific operating systems or forensic tools. If you are not a computer forensic specialist, you should consult with one before proceeding. If you are dealing with technology outside your area of expertise, consult with an appropriate specialist. SWGDE Best Practices for Computer Forensics Version 2.1 (July 2006) This document includes a cover page with the SWGDE disclaimer. Page 2 of 11
Background image of page 2
1.0 Seizing Evidence General guidelines concerning the seizing of evidence are provided as follows: ¾ Consult with the investigating officer to determine the necessary equipment to take to the scene. ¾ Review the legal authority to seize the evidence, ensuring any restrictions are noted. If necessary during the execution of the seizure, obtain additional authority for evidence outside the scope of the search. ¾
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 11

CS6963-WK 4-BesPractices_for_Computer_Forensics -...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online