CSS350 IP5
CSS350-1301A-01 Computer Forensics 1
Key Assignment
David Laurin Jr.
February 11, 2013
Table of contents
Table of contents 2
Introduction to computer forensics 3
Computer forensics defined 3
Situations that might lead to the need for an investigation 4
Digital investigation processes and procedures 7
Collecting and preserving data 11
Investigation methodology and data analysis 16
Reporting the case 29
References 37
Introduction to computer forensics
Computer forensics defined In today’s world it is an indisputable fact that computers and digital devices are a part of our everyday lives. As such they are a part of our society whether they are used for business or for personal reasons. There are many uses for computers. We can use them to track our finances, keep databases of information about our clients, and use them to save pictures and documents. Sometimes computers are used in the commission of a crime like hacking systems for credit card information or launching computer viruses against a target. Sometimes they are used to communicate with others about the details of a crime, plan a crime, or share illegal media like child pornography. Other times computers can be misused and lead to loss or theft of data resulting in system downtime or monetary losses for an organization.
Whichever the case, computer forensics can be used to investigate computer related crime or misconduct. “Computer forensics is the application of computer investigation and analysis techniques to gather evidence suitable for presentation in a court of law” (Rouse, 2007). This means that the information that is gathered must follow strict rules for forensic investigation. These rules may vary from state to state but are at least responsible for strict control over how the evidence is obtained, protected, and documented. “The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened
Key Assignment
David Laurin Jr.
February 11, 2013
Table of contents
Table of contents 2
Introduction to computer forensics 3
Computer forensics defined 3
Situations that might lead to the need for an investigation 4
Digital investigation processes and procedures 7
Collecting and preserving data 11
Investigation methodology and data analysis 16
Reporting the case 29
References 37
Introduction to computer forensics
Computer forensics defined In today’s world it is an indisputable fact that computers and digital devices are a part of our everyday lives. As such they are a part of our society whether they are used for business or for personal reasons. There are many uses for computers. We can use them to track our finances, keep databases of information about our clients, and use them to save pictures and documents. Sometimes computers are used in the commission of a crime like hacking systems for credit card information or launching computer viruses against a target. Sometimes they are used to communicate with others about the details of a crime, plan a crime, or share illegal media like child pornography. Other times computers can be misused and lead to loss or theft of data resulting in system downtime or monetary losses for an organization.
Whichever the case, computer forensics can be used to investigate computer related crime or misconduct. “Computer forensics is the application of computer investigation and analysis techniques to gather evidence suitable for presentation in a court of law” (Rouse, 2007). This means that the information that is gathered must follow strict rules for forensic investigation. These rules may vary from state to state but are at least responsible for strict control over how the evidence is obtained, protected, and documented. “The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened
References: CS. (2010, August 15). Hashing concepts. Retrieved from media.uri.edu: media.uri.edu/cs/Camtasia/Hashing%20Concepts.pptx Farmer, J International Competition Network. (2010, March). Definitions and qualifications. Retrieved from Anti-cartel enforcement manual: http://www.internationalcompetitionnetwork.org/uploads/library/doc627.pdf Landry, B Mason, D. (2010). Overview of "computer forensics". Retrieved from http://www.olemiss.edu/depts/ncjrl/pdf/cp%20Supplemental%20material%20-%20Computer%20Forensics%20overview.pdf Microsoft Rouse, M. (2007, February). Computer forensics (cyberforensics). Retrieved from SearchSecurity.techtarget.com: http://searchsecurity.techtarget.com/definition/computer-forensics Safemode.org SANS. (2012, June). Windows artifact analysis: evidence of... Retrieved from https://blogs.sans.org/computer-forensics/files/2012/06/SANS-Digital-Forensics-and-Incident-Response-Poster-2012.pdf Vacca, J Vijayan, J. (2012, November 15). NASA breach update: stolen laptop had data on 10,000 users. Retrieved from Computerworld.com: http://www.computerworld.com/s/article/9233701/NASA_breach_update_Stolen_laptop_had_data_on_10_000_users whereismydata,