Forensic Tools

This week you are reading and watching about the forensic tools used by Computer Forensics Examiners. While the two most popular tools are Guidance Software’s EnCase and AccessData’s FTK, there are other tools that are available and should be part of your toolbox. Once you have properly identified and collected digital evidence, the next step is to analyze it. It does not really matter if you are performing analysis as part of a criminal investigation or as part of a corporate investigation; you should always follow the same protocols.

An emphasis in this course is on helping you understand why using an analysis protocol is important. It goes back to our discussion in week one regarding best practices and industry standards. Remember, you should NEVER, EVER work on original evidence if it can be avoided by any means; instead, use a forensic image. When you work on the image, you pick the tools you will use. Again, it does not matter which tool you actually use, as long as the tool is accepted by the forensic community, and you are able to testify to the tool’s validity as well as the process you used in your examination.

During your analysis, you should document every step you take and all of your findings. Some tools have a report function that works well to capture both the identified data and the date/time of your various analyses. However, this should always be supplemented with your own notes and documentation.

For this week’s discussion, complete the following questions below in detail.  Please discuss thoroughly and substantively in your post. Additionally, respond in a thorough, substantive, intelligent way to at least one of your fellow classmates that adds to our discussion and learning of this week’s topic!

1) Discuss in detail why you need to use a write blocker (either hardware or software) in your examinations, whether for a criminal case or a corporate case.

2) Imagine you are a computer forensic examiner receiving a suspect hard disk drive from a detective in your department.  The drive was seized properly during a legally executed search warrant. The detective signs the chain of custody log and hands you the drive.

Your job is to accept the drive, conduct an analysis, and maintain the drive until trial. Please explain the steps you would take, from receipt of the evidence until testimony, including the reasons why you would take each step. For example, what would you check for when you sign for the drive on the chain of custody document?

APA format and reference link should be included. get homework help here

Get 20% Discount on This Paper
Pages (550 words)
Approximate price: -

Try it now!

Get 20% Discount on This Paper

We'll send you the first draft for approval by at
Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

Australia Assessments has gained an international reputation of being the leading website in custom assignment writing services. Once you give us the instructions of your paper through the order form, we will complete the rest.

Essays

Essay Writing Services

As we work towards providing the best custom assignment services, our company provides assignment services for any type of academic essay. We will help you develop professionally written essays that are rich in content and free from plagiarism.

Admissions

Admission and Business Papers

Our skilled team of professional writers will ensure that we help you craft a remarkable admission essay for your desired Master's program in your institution of choice. We won't stop there. Once you enter the job market, we will be available to secure you a position at your desired worksite by creating an outstanding portfolio or resume.

Editing

Editing and Proofreading

Our editorial team is always available for all editing and proofreading services. They check completed papers by our writers and also provide professional opinions to papers completed by our clients.

Coursework

Technical papers

We harbor professional academic writers with different qualifications in diverse academic fields. As such, we are capable of handling both simple and technical papers. Ensure that you provide us with correct and complete instructions in the order form.