Computer Forensics is Equivalent of surveying a crime scene or performing an autopsy on victim .
—– Source: James Borek 2001
Presence of a majority of electronic documents
Search and identify data in a computer
Digital Evidence can be easily destroyed,if not handled properly
For recovering Deleted ,Encrypted,or Corrupted files from a system
Our Working System :
- Computer Forensics.
- What is an Incident.
- Categories of Incidents.
- Incident Response Checklist.
- Procedure for Handling Incident.
- Incident Management.
- Incident Reporting.
- Types of Incidents and Level of Support.
- Incident Specific Procedures.
- Computer crime is suspected.
- Collect preliminary evidence.
- Obtain court warrant for seizure (if required).
- Perform first responder procedures.
- Seize evidence at the crime scene.
- Transport them to the forensic laboratory.
- Create 2 bit stream copies of the evidence.
- Generate MD5 checksum on the images.
- Prepare chain of custody.
- Store the original evidence in a secure location.
- Analyze the image copy for evidence.
- Prepare a forensic report.
- Submit the report to the client.
- If required, attend the court and testify as expert witness.
Follow The Module