computer

Understand-Anti-forensics-and-their-goals

Understand Anti-forensics and their goals

Leave a Comment / CHFI, Knowledge Base / By

Understand Anti-forensics and their goals, also referred to as counter forensics, may be a set of techniques that attackers or perpetrators use so as to avert or sidetrack the forensic investigation process or attempt to make it much harder. These techniques negatively impact the number and quality of evidence from a criminal offense scene, thereby making the forensic investigation process difficult. Therefore, the investigator may need to conduct a few more additional steps so as …

Understand Anti-forensics and their goals Read More »

Understand-Acquiring-RAID-Disks

Understand Acquiring RAID Disks

Leave a Comment / CHFI / By

Understand Acquiring RAID Disks may be challenging for forensics examiners due to the RAID system design, configuration, and size. The greatest concern is the size of the RAID system, as many systems are growing into many terabytes of data. Copying small RAID systems to one large disk is possible with the availability of larger disks. Investigators should use a proprietary format acquisition with compression to store more data in small storage capacities. Acquiring RAID Disks …

Understand Acquiring RAID Disks Read More »

Live-data-acquisition

Live Data Acquisition

Leave a Comment / CHFI / By

Live Data Acquisition is the process of extracting volatile information present in the registries, cache, and RAM of digital devices through its normal interface. The volatile information is dynamic in nature and changes with time, therefore, the investigators should collect the data in real time. Simple actions such as looking through the files on a running computer or booting up the computer have the potential to destroy or modify the available evidence data, as it …

Live Data Acquisition Read More »

Understanding-Data-Acquisition

Understanding Data Acquisition

Leave a Comment / CHFI, Knowledge Base / By

Understanding Data Acquisition in this the forensic data acquisition is a process of imaging or collecting information from various media in accordance with certain standards for analyzing its forensic value. With the progress of technology, the process of data acquisition has become more accurate, simple, and versatile. It uses many types of equipment , starting from small sensors to classy computers. Data acquisition is that the process of sampling signals that measure world physical conditions …

Understanding Data Acquisition Read More »

Physical-&-Logical-Structure-of-a-Hard-Disk

Logical & Physical Structure of a Hard Disk

Leave a Comment / CHFI, Knowledge Base / By

 In this article explain Logical & Physical Structure of a Hard Disk there components uses. Physical Structure of a Hard Disk The main components of hard disk drive are: Platters: These are disk like structures present on the hard disk, stacked one above the other and store the data Head: It is a device present on the arm of the hard drive that reads or writes data on the magnetic platters, mounted on the surface …

Logical & Physical Structure of a Hard Disk Read More »

computer-forensic-investigation

Collect Physical Evidence in computer forensic investigation

Leave a Comment / CHFI / By

The victim computer and its elements are vital evidence sources in a computer forensic investigation. Collect all the electronic devices or any other media found at the crime scene. Seize storage devices like hard drives, memory cards, and removable media as they can have stored information. Handheld devices like smart phones, mobile phones, PDAs, digital multimedia devices, and GPS receivers can have valuable evidence information like Internet browsing history, e-mails, chat logs and friend lists, …

Collect Physical Evidence in computer forensic investigation Read More »

Planning-the-Search-and-Seizure-of-investigation

Planning the Search and Seizure of investigation

Leave a Comment / CHFI, Knowledge Base / By

Planning the Search and Seizure of investigation in this investigators need to design a strategic process to conduct the search and seizure process after analyzing the crime scene. This will help them distribute tasks between the team members to complete the seizure and allow the team to use time and tools in a well-defined manner. Initial Search of the Scene Once the forensic team has arrived at the scene and unloaded their equipment, they will …

Planning the Search and Seizure of investigation Read More »

Documenting-the-Electronic-Crime-Scene

Documenting the Electronic Crime Scene

Leave a Comment / CHFI / By

Documenting the Electronic Crime Scene is necessary to maintain a record of all the forensic investigation processes applied to identify, extract, analyze, and preserve the evidence. The details should include location of the crime, status of the system, connected network devices, storage media, smart phones, mobile phones, PDAs, Internet and network access, The document will help trace the serial numbers or other identifiers of the procured devices. Documenting also includes taking photographs, video, notes, and …

Documenting the Electronic Crime Scene Read More »

Roles-of-First-Responder-in-computer-forensics

Roles of First Responder in computer forensics

Leave a Comment / CHFI / By

Roles of First Responder in computer forensics in this article explain which of the first responder and there roles  responsibiliteies . Roles of First Responder A first responder plays an important role in the computer forensics process because he or she is the first person who arrives at the crime scene for initial investigation. The investigation process starts after collecting all the evidence from the crime scene. If the evidence collected by the first responder …

Roles of First Responder in computer forensics Read More »

Laboratory-Accreditation-Programs

Laboratory Accreditation Programs

Leave a Comment / CHFI / By

Laboratory Accreditation Programs in this article explain which of the accreditation using for forensic laboratory and what are there standards and also explain risk assesment, computer investigation methodology. ISO IEC 17025 Accreditation: ISO (the International Organization for Standardization) and IEC (the International Electro­technical Commission) are part of the specialized system for worldwide standardization. They develop International Standards in association with technical committees established by the respective organization for particular fields of technical activity. In 1999, …

Laboratory Accreditation Programs Read More »