
What is digital forensics?

The first thing I’d like to cover in this chapter is an understanding of digital forensics and its proper practices and procedures. At some point, you may have come across books, blogs, and even videos demonstrating various aspects of digital forensics and the different tools used. It is important to understand that forensics itself is a science, involving well-documented best practices and methods used to reveal whether something exists or does not.

Digital forensics involves the preservation, acquisition, documentation, analysis, and interpretation of evidence found on various types of storage media. It is not limited to laptops, desktops, tablets, and mobile devices, but also extends to data in transit across public or private networks.

In most cases, digital forensics involves the discovery and/or recovery of data using various methods and tools available to the investigator. Digital forensics investigations include, but are not limited to:

  • Data recovery: Investigating and recovering data that may have been deleted, changed to different file extensions, and even hidden.
  • Identity theft: Many fraudulent activities ranging from stolen credit card usage to fake social media profiles usually involve some sort of identity theft.
  • Malware and ransomware investigations: To date, ransomware spread by Trojans and worms across networks and the internet is one of the biggest threats to companies, military organizations, and individuals. Malware can also be spread to and by mobile devices and smart devices.
  • Network and internet investigations: Investigating DoS (Denial-of-Service) and DDoS (Distributed DoS) attacks and tracking down accessed devices including printers and files.
  • Email investigations: The source and IP origins, attached content, and geo-location information can all be investigated.
  • Corporate espionage: Many companies are moving away from print copies and toward cloud and traditional disk media. As such, a digital footprint is always left behind should sensitive information be accessed or transmitted.
  • Child pornography investigations: Sadly, the reality is that children are widely exploited on the internet and within the Deep Web. With the use of technology and highly skilled forensic analysts, investigations can be carried out to bring down exploitation rings by analyzing internet traffic, browser history, payment transactions, email records, and images.