Forensics and Cyber Threat Research Area

Threat Intelligence | Insider Threat Detection | User Behavior Analytics | Cyber Threat Management | Data Security Intelligence | Cloud Security Intelligence Application Security Intelligence | Anomaly & Pattern Detection |  Security Information Event Management | Digital Forensics | Data Recovery | Malware Investigation | Packet Analytics | Packet Forensics | security operations and analytics platform architecture (SOAPA)

Computer Forensics Analysis Discovery Of Electronic Evidence

Home » Blog » Computer Forensics Analysis Discovery Of Electronic Evidence

 Posted in Digital Forensics

Computer Forensics Analysis Discovery Of Electronic Evidence

   6th December 2015  Leave a Comment on Computer Forensics Analysis Discovery Of Electronic Evidence 0 909

Computer Forensics Analysis Discovery Of Electronic Evidence

Project Name: Computer Forensics Analysis Discovery Of Electronic Evidence

Description: This blog will help all forensics investigator for Computer Forensics Analysis Discovery Of Electronic Evidence.

Author: Rohit D Sadgune

Frequently Asked Question on Computer Forensics Investigation

  • Checklist of Computer Forensics Analysis Discovery Of Electronic Evidence
  1. Do not alter discovered information.
  2. Always back up discovered information.
  3. Document all investigative activities.
  4. Accumulate the computer hardware and storage media necessary for the search circumstances.
  5. Prepare the electronic means needed to document the search.
  6. Ensure that specialists are aware of the overall forms of information evidence that are expected to be encountered as well as the proper handling of this information
  7. Evaluate the current legal ramifications of information discovery searches.
  8. Back up the information discovery file or files.
  9. Start the lab evidence log.
  10. Mathematically authenticate the information discovery file or files.
  11. Proceed with the forensic examination.
  12. Find the MD5 message digest for the original information discovery file or files.
  13. Log all message digest values in the lab evidence log.
  14. When forensic work is complete, regenerate the message digest values using the backups on which work was performed; log these new values alongside the hashes that were originally generated. If the new values match the originals, it’s reasonable to conclude that no evidence tampering took place during the forensic examination of the information files.
  15. Briefly compare the physical search and seizure with its logical (data-oriented) counterpart, information discovery.

GO BACK TO COMPUTER FORENSICS CHECKLIST

Author: Rohit Sadgune
Core Working Areas :- Threat Intelligence, Digital Forensics, Incident Response, Fraud Investigation, Web Application Security Technical Certifications :- Computer Hacking Forensics Investigator | Certified Ethical Hacker | Certified Cyber crime investigator | Certified Professional Hacker | Certified Professional Forensics Analyst | Redhat certified Engineer | Cisco Certified Network Associates | Certified Firewall Solutions | Certified Network Monitoring Solution | Certified Proxy Solutions
Website

Leave a Reply

Your email address will not be published. Required fields are marked *

Enter Captcha Here : *

Reload Image

Indicator of Attacks | Indicator of Compromise

Top SIEM Use Cases | Threat Hunting Hypothesis | Deep Packet Inspection | Insider Threat Hunting | Hunting Data Exfiltration | Banking Fraud | ATM Use Cases | Cross Channel Data Exfiltration | Hunting Endpoint Anomaly | Denial-of-service | Man-in-the-middle (MitM) attack | Spear phishing attacks | Drive-by attack | Eavesdropping attack | Birthday attack