CHFI

Anti-Forensics-Techniques-Password-Protection

Anti-Forensics Techniques: Password Protection

Leave a Comment / CHFI, Knowledge Base / By

Anti-Forensics Techniques: Password Protection in this A password refers to collection of words, letters, numbers, and/or special characters used for security processes such as user authentication or to grant access to a resource. The password ensures that unauthorized users do not access the computer, network resources, or other secured information. In addition, data files and programs may require a password. Password protection shields information, protects networks, applications, files, documents, etc., from unauthorized users. Many organizations …

Anti-Forensics Techniques: Password Protection Read More »

Recovering-Deleted-Partitions

Recovering Deleted Partitions

Leave a Comment / CHFI / By

Recovering Deleted Partitions in this article explain how to recover delete partition and which of the tools using in it. What happens when deleting a partition? When a user deletes a partition from a hard disk drive, two things are possible: All data will be lost on that deleted partition or logical drive. In the case of a dynamic disk, deleting a partition can delete all the dynamic volumes on the disk, leaving the disk …

Recovering Deleted Partitions Read More »

Understand-File-Recovery-in-Mac-OS-X-MAC-and-Linux

Understand File Recovery in Mac OS X, MAC and Linux

Leave a Comment / CHFI / By

Understand File Recovery in Mac OS X, MAC and Linux in this article explain Mac OS X, MAC and Linux file recovery methods and tools. In Mac OS X, data deletion can be possible due to the following reasons: Emptying the Mac Trash folder Using the Shift+Del keys Corruption in a hard drive Virus or Trojan Infection Unexpected system shutdown Software or hardware malfunction Recovering deleted files in Mac OS X has three methods: 1. …

Understand File Recovery in Mac OS X, MAC and Linux Read More »

File-Recovery-Tools-Windows

File Recovery Tools: Windows

Leave a Comment / CHFI / By

File Recovery Tools: Windows in this article explain different types of tools which are using in file recovery of windows. 1. Recover My Files Source: http://www.recovermyfiles.com Recover My Files data recovery software recovers deleted files emptied from the Windows Recycle Bin and files lost due to the format or corruption of a hard drive, virus or Trojan infection, and unexpected system shutdown or software failure. Features: Recovers files albeit emptied from the Recycle Bin data …

File Recovery Tools: Windows Read More »

Understand-Anti-Forensics-Techniques

Understand Anti-Forensics Techniques

Leave a Comment / CHFI / By

Understand Anti-Forensics Techniques are the actions and methods that hinder the forensic investigation process in order to protect the attackers and perpetrators from prosecution in a court of law. These techniques act against the investigation process such as detection, collection, and analysis of evidence files and sidetrack the forensic investigators. These techniques impact the quality and quantity of the evidence of a crime scene, thereby making the analysis and investigation difficult. Anti-forensic techniques, which include …

Understand Anti-Forensics Techniques Read More »

Understand-Anti-forensics-and-their-goals

Understand Anti-forensics and their goals

Leave a Comment / CHFI, Knowledge Base / By

Understand Anti-forensics and their goals, also referred to as counter forensics, may be a set of techniques that attackers or perpetrators use so as to avert or sidetrack the forensic investigation process or attempt to make it much harder. These techniques negatively impact the number and quality of evidence from a criminal offense scene, thereby making the forensic investigation process difficult. Therefore, the investigator may need to conduct a few more additional steps so as …

Understand Anti-forensics and their goals Read More »

Understand-Acquiring-RAID-Disks

Understand Acquiring RAID Disks

Leave a Comment / CHFI / By

Understand Acquiring RAID Disks may be challenging for forensics examiners due to the RAID system design, configuration, and size. The greatest concern is the size of the RAID system, as many systems are growing into many terabytes of data. Copying small RAID systems to one large disk is possible with the availability of larger disks. Investigators should use a proprietary format acquisition with compression to store more data in small storage capacities. Acquiring RAID Disks …

Understand Acquiring RAID Disks Read More »

Understand-Linux-Standard-Tools

Understand Linux Standard Tools

Leave a Comment / CHFI, Knowledge Base / By

Understand Linux Standard Tools in this the forensic investigators use built-in Linux command dd to copy data from a disk drive. This command can create a bit-stream disk-to-disk copy and a disk-to-image file. It can copy any disk data that Linux can mount and access. Forensic tools like AccessData FTC and Hook, can read dd image files. In Linux, the advantage of dd command is its independence on any additional computer resources. The dd command …

Understand Linux Standard Tools Read More »

Data-Acquisition-and-Duplication-Tools-Software

Data Acquisition and Duplication Tools: Software

Leave a Comment / CHFI / By

Data Acquisition and Duplication Tools: Software in this article explain different types of software which is using in data acquision and duplication data tool. EnCase Forensic Source: https://www.guidancesoftware.com EnCase is a popular multi-purpose forensic platform which includes many useful tools to support several areas of the digital forensic process. This tool can collect a lot of data from many devices and extracts potential evidence. It also generates an evidence report. EnCase Forensic can help investigators …

Data Acquisition and Duplication Tools: Software Read More »

Data-Acquisition-and-Duplication-Tools-Hardware

Data Acquisition and Duplication Tools: Hardware

Leave a Comment / CHFI / By

Data Acquisition and Duplication Tools: Hardware in this article discussed below are the featured data acquisition and duplication hardware tools can be used to acquire and create duplicate copies of the suspect system data: 1. Ultrakit Source: http://www.digitalintelligence.com The UltraKit is a portable kit, which provides a complete set of UltraBlock hardware write blockers including adapters and connectors to acquire a forensically sound image of virtually any hard drive or storage device. Just select the …

Data Acquisition and Duplication Tools: Hardware Read More »