Identification of Digital Data

Project Name: Identification of Digital Data

Description: This blog will help all forensics investigator to identify digital data for forensics investigation.

Author: Rohit D Sadgune

Frequently Asked Question on Computer Forensics Investigation

  • Process of Identification of Digital Data

Forensics Checklist

  1. Use NTP for security reasons.
  2. Buy special radios that interpret the signals and send them out on serial (and even parallel) cables to the computers that will serve as your top stratum. WWV broadcasts time signals over short wave, so this information is available worldwide.
  3. Use GPS devices. GPS relies on accurate timekeeping for calculating position and movement. GPS devices are fairly inexpensive, although you’ll want to buy ones that already have drivers written for them.
  4. Remember to have multiple sources. Note that most Cisco Systems routers and switches come with NTP software and are ready for use as NTP servers. (You should disable this service if you’re not using it.)
  5. Keeping all your systems synchronized to accurate time is not a luxury. Good timekeeping is important to many security functions, such as electronic transactions, certain authentication systems, and, in particular, any forensics activity that might ever be required of you. If you find yourself comparing logs from disparate systems, you’ll be exceedingly grateful that you decided to implement NTP.

GO BACK TO COMPUTER FORENSICS CHECKLIST