User Account

All Pages

Write blocker in your examinations

Assignment Help Other Subject
Reference no: EM131740557

This week you are reading and watching about the forensic tools used by Computer Forensics Examiners. While the two most popular tools are Guidance Software's EnCase and AccessData's FTK, there are other tools that are available and should be part of your toolbox.

Once you have properly identified and collected digital evidence, the next step is to analyze it. It does not really matter if you are performing analysis as part of a criminal investigation or as part of a corporate investigation; you should always follow the same protocols.

An emphasis in this course is on helping you understand why using an analysis protocol is important. It goes back to our discussion in week one regarding best practices and industry standards.

Remember, you should NEVER, EVER work on original evidence if it can be avoided by any means; instead, use a forensic image.

When you work on the image, you pick the tools you will use. Again, it does not matter which tool you actually use, as long as the tool is accepted by the forensic community, and you are able to testify to the tool's validity as well as the process you used in your examination.

During your analysis, you should document every step you take and all of your findings. Some tools have a report function that works well to capture both the identified data and the date/time of your various analyses. However, this should always be supplemented with your own notes and documentation.

For this week's discussion, complete the following questions below in detail. Please discuss thoroughly and substantively in your post. Additionally, respond in a thorough, substantive, intelligent way to at least one of your fellow classmates that adds to our discussion and learning of this week's topic!

1) Discuss in detail why you need to use a write blocker (either hardware or software) in your examinations, whether for a criminal case or a corporate case.

2) Imagine you are a computer forensic examiner receiving a suspect hard disk drive from a detective in your department. The drive was seized properly during a legally executed search warrant. The detective signs the chain of custody log and hands you the drive.

Your job is to accept the drive, conduct an analysis, and maintain the drive until trial. Please explain the steps you would take, from receipt of the evidence until testimony, including the reasons why you would take each step. For example, what would you check for when you sign for the drive on the chain of custody document?

Reference no: EM131740557

Questions Cloud

Design digital glp fir band pass filters : ELEN 5346 - Write your own Matlab module for Kaiser window-based design of GLP FIR filters. You can use Matlab's routines for generating the Kaiser window
Define ongoing training and continuing education : Individuals that hold certifications and licensure must maintain the license or certification through ongoing training and continuing education
Free speech clause in the taft-hartley act : Free Speech The personnel director of your company has been asked to talk with the employees about the benefits and detriments of voting for or against.
Key elements that differentiate it from domestic competition : Discuss the nature of international competition and identify the key elements that differentiate it from domestic competition.
Write blocker in your examinations : Discuss in detail why you need to use a write blocker (either hardware or software) in your examinations, whether for a criminal case or a corporate case.
List and explain in detail the symptoms of diabetes : Why does these symptoms increase your probability of contracting Diabetes
Emerging markets and foreign countries : Or do you think the United States is leading when it comes to emerging markets and foreign countries?
Critique the speakers point that understanding added value : Critique the speaker's point that understanding the added value of an acquisition or alliance is more important than calculating the benefits of the deal.
Marketing management orientations : Describe how the marketing conceptdiffers from the other marketing management orientations.

Reviews

Write a Review

Other Subject Questions & Answers

  Write list of activities and optimistic completion time

List of activities and their optimistic completion time, most probable completion time, and pessimistic completion time (all in days) for new contract are given in given table.

  What is going meta provide two examples of successful

what is going meta? provide two examples of successful metamoves that are not from the reading or lecture. for each

  Explain both interstate and intrastate war

How do each of the factors explain both interstate and intrastate war?Human nature, bounded rationality of decision-makers,.

  Legal and ethical work environment

There are occasions when HR is seen as the police in ensuring that the organization is abiding by the policies and procedures established to create a legal and ethical work environment.

  Do you think todays learner has different way of learning

recently there were two recent cover stories in time magazine their conclusion was that children today are different.

  Argue that corporate social responsibility not have value

Kim and Park (2011) argue that corporate social responsibility (CSR) activities not only have value for benefitting social causes but can also be regarded as recruiting tools for attracting potential employees who perceive the organization and its..

  Identify someone who is responsible for it security

Identify and interview someone who is responsible for IT security (e.g., compliance, privacy, risk, or quality). Impending government regulations.

  What constitutes good mental health or a good life

What are your personal assumptions about: How do people develop the kinds of psychological distress that bring them to counseling? What constitutes "good mental health" or "a good life?" How do people change, grow emotionally, develop better copi..

  How did minority groups'' struggle for civil rights in 1950s

How did minority groups' struggle for civil rights in the 1950s? Which one event from this time do you think was most responsible for bringing public attention to the American Civil Rights Movement? Explain why you selected this event.

  Innovative health care delivery model

Describe one innovative health care delivery model that incorporates an interdisciplinary care delivery team. How is this advantageous to patient outcomes

  Write down a literary analysis in which you recognize an

write a literary analysis in which you identify an issue in middlemarch except marriage and provide at least two

  Define law making marijuana legal for recreational purposes

What has been the outcome for the states that have passed a law making marijuana legal for recreational purposes

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd