forensics procedures and lab setup_v1

forensics procedures and lab setup_v1 - Computer Forensics...

Info iconThis preview shows pages 1–9. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Company Confidential – Internal Use Only Computer Forensics Procedures and Lab Setup By Robert Newhall – www.thesecurityguide.com
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Company Confidential – Internal Use Only Computer forensics is the formalized examination and analysis of data retrieved from computer storage media so that the information can be used as evidence in a court of law or presented to an administrative body, either public or private. Including: The secure collection of computer data The examination of suspect data to details such as origin and content The presentation of computer based information to courts of law, Administrative Bodies, Clients or Management Computer Forensics Defined Basic Computer Forensics Principles
Background image of page 2
3 Company Confidential – Internal Use Only 1. How to recover data from computers while preserving evidential integrity 2. How to securely store and handle recovered data 3. How to find the significant information in a large volume of data 4. How to present the information to a court of law, and to defense during disclosure The Need for Computer Forensics Training When handling computers for legal purposes, investigators increasingly are faced with four main types of problems. Basic Computer Forensics Principles
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Company Confidential – Internal Use Only Preserve Evidentiary Value Recover Digital Objects Analyze Digital Objects Present Digital Objects The Computer Forensic Objective Basic Computer Forensics Principles
Background image of page 4
5 Company Confidential – Internal Use Only Methodology Over Technology - Investigate the crime not the technology The Forensic Librarian - Document Everything Measure Twice Cut Once - Check results with peer review Prove It! - Gather as much evidence as possible The Computer Forensic Priority Basic Computer Forensics Principles
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 Company Confidential – Internal Use Only The principles and empirical processes of discovery and demonstration considered characteristic of or necessary for scientific investigation, generally involving the observation of phenomena, the formulation of a hypothesis concerning the phenomena, experimentation to demonstrate the truth or falseness of the hypothesis, and a conclusion that validates or modifies the hypothesis. The Scientific Method Scientific method n. Source: The American Heritage Dictionary of the English Language. Fourth Edition Basic Computer Forensics Principles
Background image of page 6
7 Company Confidential – Internal Use Only 1. Unbiased Methods 2. Repeatable Results 3. Complete Documentation 4. Verifiable Results 5. Create Hypothesis 6. Clear, Concise Explanation of the Results 7. Formulation of a Theory Applying the Scientific Method to Computer Forensics Basic Computer Forensics Principles
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 Company Confidential – Internal Use Only 1. Never Mishandle Evidence 2. Never Work on the Original 3. Never trust the Subject’s O/S 4. Document Everything The “Cardinal Rules” of Computer Forensics Basic Computer Forensics Principles
Background image of page 8
Image of page 9
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 59

forensics procedures and lab setup_v1 - Computer Forensics...

This preview shows document pages 1 - 9. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online