What is digital forensic methodology?
Digital Forensics Methodology – a brief overview. Digital forensics is used to investigate the following situations:
• Cyber criminals execute an attack against the organization’s web presence,
• Unauthorized web access often violates organizational policies and mandated legal restrictions regarding data privacy,…
What is digital forensics?
Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime.
How to collect digital evidence?
• Photograph the computer and scene
• If the computer is off do not turn it on
• If the computer is on photograph the screen
• Collect live data – start with RAM image (Live Response locally or remotely via F-Response) and then collect other live data “as required” such as network connection state, logged on
• If hard disk encryption detected (using a tool like Zero-View) such as full disk encryption i.e.
• Unplug the power cord from the back of the tower – If the computer is a laptop and does not shut down when the cord is removed then remove the
• Diagram and label all cords
• Document all device model numbers and serial numbers
• Disconnect all cords and devices
• Check for HPA then image hard drives using a write blocker, Helix or a hardware imager
• Package all components (using anti-static evidence bags)
• Seize all additional storage media (create respective images and place original devices in anti-static evidence bags)
• Keep all media away from magnets, radio transmitters and other potentially damaging elements
• Collect instruction manuals, documentation and notes
• Document all steps used in the seizure
What is digital forensic science?
Aerial photo of FLETC, where US digital forensics standards were developed in the 1980s and ’90s. Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime.
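The collection steps under “How to collect digital evidence?” end with documenting device model and serial numbers and every step of the seizure. The following is an added example, not part of the original page, of one way to keep that record so that later edits are detectable. The hash-chaining approach, the function names, and the examiner, model and serial values are assumptions made for illustration.

```python
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # constructed anchor value used as prev_hash of the first entry


def _digest(entry):
    """SHA-256 over the entry's canonical JSON, excluding its own entry_hash."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def add_step(log, action, examiner, device=None, when=None):
    """Append one documented seizure step; each entry commits to the previous one."""
    entry = {
        "seq": len(log) + 1,
        "utc": (when or datetime.now(timezone.utc)).isoformat(),
        "examiner": examiner,
        "action": action,
        "device": device or {},  # model and serial numbers, as the steps require
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = _digest(entry)
    log.append(entry)
    return entry


def verify(log):
    """Return 0 if the chain is intact, else the position of the first bad entry."""
    prev = GENESIS
    for pos, entry in enumerate(log, start=1):
        if (entry.get("seq") != pos or entry.get("prev_hash") != prev
                or entry.get("entry_hash") != _digest(entry)):
            return pos
        prev = entry["entry_hash"]
    return 0


def build_sample_log():
    """Constructed sample: examiner, model and serial are made-up values."""
    log = []
    tower = {"model": "EXAMPLE-TOWER", "serial": "SN-CONSTRUCTED-001"}
    add_step(log, "Photographed computer and scene", "examiner-01")
    add_step(log, "Computer on: photographed screen", "examiner-01", tower)
    add_step(log, "Imaged hard drive behind write blocker", "examiner-01", tower)
    add_step(log, "Packaged components in anti-static bags", "examiner-01", tower)
    return log


if __name__ == "__main__":
    print("first bad entry:", verify(build_sample_log()))
```

Entries removed from the end of the log are not detected by the chain alone, so the last entry_hash should also be recorded outside the log, for example on the paper evidence form.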