Computer Forensics is Equivalent of surveying a crime scene or performing an autopsy on victim .

                                                                                                                                                           —–  Source: James Borek 2001

 

Presence of a majority of electronic documents

Search and identify data in a computer

Digital Evidence can be easily destroyed,if not handled properly

For recovering Deleted ,Encrypted,or Corrupted files from a system

 

cyber-forensics

Our Working System :

  1. Computer Forensics.
  2. What is an Incident.
  3. Categories of Incidents.
  4. Incident Response Checklist.
  5. Procedure for Handling Incident.
  6. Incident Management.
  7. Incident Reporting.
  8. CSIRT.
  9. Types of Incidents and Level of Support.
  10. Incident Specific Procedures.
  11. Computer crime is suspected.
  12. Collect preliminary evidence.
  13. Obtain court warrant for seizure (if required).
  14. Perform first responder procedures.
  15. Seize evidence at the crime scene.
  16. Transport them to the forensic laboratory.
  17. Create 2 bit stream copies of the evidence.
  18. Generate MD5 checksum on the images.
  19. Prepare chain of custody.
  20. Store the original evidence in a secure location.
  21. Analyze the image copy for evidence.
  22. Prepare a forensic report.
  23. Submit the report to the client.
  24. If required, attend the court and testify as expert witness.

   

Follow The Module

1

 

_______Thank you From Eagle eye
DEFT-linux-digital-forensics-livecd