Forensics and Cyber Threat Research Area

Threat Intelligence | Insider Threat Detection | User Behavior Analytics | Cyber Threat Management | Data Security Intelligence | Cloud Security Intelligence Application Security Intelligence | Anomaly & Pattern Detection |  Security Information Event Management | Digital Forensics | Data Recovery | Malware Investigation | Packet Analytics | Packet Forensics | security operations and analytics platform architecture (SOAPA)

Types of Computer Forensics Technology

Home » Blog » Types of Computer Forensics Technology

 Posted in Digital Forensics

Types of Computer Forensics Technology

   6th December 2015  Leave a Comment on Types of Computer Forensics Technology 0 1409

Types of Computer Forensics Technology

Project Name: Types of Computer Forensics Technology

Description: This blog will help all forensics investigator for Types of Computer Forensics Technology

Author: Rohit D Sadgune

Frequently Asked Question on Computer Forensics Investigation

  • Checklist of Types of Computer Forensics Technology

 

  1. Move documentary evidence quickly from the printed or typewritten page to computer data stored on floppy diskettes, Zip disks, CDs, and computer hard disk drives.
  2. Create a new type of virtual evidence for e-commerce transactions and email communications over the Internet.
  3. Share computer files over the Internet, when tied to the commission of a crime, (creates a new and novel twist to the rules of evidence and legal jurisdiction).
  4. Keep the venue in mind when criminal activities involve the use of the Internet (venue can be in different cities, counties, states, and/or countries). The evidence needed to prove such computer-related crimes potentially resides on one or more computer hard disk drives in various geographic locations.
  5. Keep in mind that the computer hard disk drives may also be the property of criminals as well as innocent third parties (Internet service providers). Such evidence is commonly referred to as computer evidence, bu’t it is not limited to cases involving computer crimes.
  6. Rely on computer evidence that is connected to a computer crime (not to traditional crimes that are committed using one or more computers as tools in the commission of a crime). Computer crimes are specifically defined by federal and/or state statutes.
  7. Make sure computer evidence resides on computer storage media as bytes of data in the form of computer files and ambient data.
  8. Make sure ambient data (which is usually beyond the awareness of most computer users) provides the computer forensics investigator with the element of surprise when computer users are interviewed. For example, a computer user who believes that he or she destroyed the computer evidence may confess when confronted with part or all of the evidence extracted from ambient data sources.
  9. Make sure your computer investigations rely on evidence that is stored as data and that the timeline of dates and times of files that were created, modified, and/or last accessed by the computer user are recorded. Timelines of activity can be especially helpful when multiple computers and individuals are involved in the commission of a crime.
  10. Make sure your computer forensics investigator always considers timelines of computer usage in all computer-related investigations. The same is true in computer security reviews concerning potential access to sensitive and/or trade secret information stored in the form of computer files. Computer investigations play an important role in cases involving the theft of company trade secrets.
  11. Make sure your intellectual property lawyers rely on computer evidence and computer investigations in such cases as stock frauds, financial frauds, and embezzlements. The same is true concerning criminal litigation involving stock frauds, financial frauds, and embezzlements. Much of the evidence related to these types of crimes will be in computer data form. In the past, documentary evidence used to prove these crimes was exclusively in paper form. However, many computer-related communications and transactions are now conducted without paper documents ever being created. Financial fraud investigators have been forced to change the way they do business.
  12. Make sure your computer-related investigations involve the review of Internet log files to determine Internet account abuses in businesses or government agencies.
  13. Make sure your computer investigations involve the analysis of the Windows swap file.
  14. Make sure you use computer forensics procedures, processes and tools, so that the computer forensics specialist can identify passwords, network logons, Internet activity, and fragments of email messages that were dumped from computer memory during past Windows work sessions. When such leads are identified, they can be perfected through the use of computer forensics text search programs.
  15. Use other computer forensics software tools to document the computer evidence once it has been preserved, identified and extracted.

GO BACK TO COMPUTER FORENSICS CHECKLIST

Author: Rohit Sadgune
Core Working Areas :- Threat Intelligence, Digital Forensics, Incident Response, Fraud Investigation, Web Application Security Technical Certifications :- Computer Hacking Forensics Investigator | Certified Ethical Hacker | Certified Cyber crime investigator | Certified Professional Hacker | Certified Professional Forensics Analyst | Redhat certified Engineer | Cisco Certified Network Associates | Certified Firewall Solutions | Certified Network Monitoring Solution | Certified Proxy Solutions
Website

Leave a Reply

Your email address will not be published. Required fields are marked *

Enter Captcha Here : *

Reload Image

Indicator of Attacks | Indicator of Compromise

Top SIEM Use Cases | Threat Hunting Hypothesis | Deep Packet Inspection | Insider Threat Hunting | Hunting Data Exfiltration | Banking Fraud | ATM Use Cases | Cross Channel Data Exfiltration | Hunting Endpoint Anomaly | Denial-of-service | Man-in-the-middle (MitM) attack | Spear phishing attacks | Drive-by attack | Eavesdropping attack | Birthday attack