Forensic Criminology Key Assignment Outline
Introduction
Although computer forensics is a relatively young field of crime investigation, it has become a useful area of knowledge. Organizations and companies are finding it necessary to recruit computer and network forensics investigators. These experts can detect and report various computer crimes. The reports of their findings can be used to provide useful evidence in court. This paper discusses various aspects of computer forensics. It is based on a scenario involving a computer that is suspected to contain evidence of child pornography.
The Process of Computer Forensics
Computer forensics refers to an area of knowledge that deals with the location, extraction, collection and analysis
This will ensure the admissibility of the collected data is guaranteed (Rogers, 2003).
From data acquisition, the investigator should move to the process of extracting data. He or she should use special computer forensics software tools to extract important data from various computer devices and networks. The process of extracting data requires the investigator to be knowledgeable about where to search for data in the system and the kind of questions to ask (Rogers, 2003). After extracting data, the investigator proceeds to the process of data analysis. By this time, the investigator will probably have thousands of files. He or she should use computer forensic tools and techniques to analyze the files in order to generate data which is more relevant and concise (Rogers, 2003). The last step of the process of computer forensics involves reporting the analyzed data. The investigators should ensure that the data to be reported is complete, understandable, and defendable. This will ensure that the final data presented is credible (Rogers, 2003).
Training for Computer and Network Forensics Investigators
Computer forensics is a new area of crime investigation. However, it is an area of knowledge that is growing at a fast rate. Computer and network forensics investigators are professionals who are mainly trained on various investigation activities related to computer crime. They are trained on how to investigate computer crimes
A computer forensic investigation typically includes the collection, examination, analysis, and reporting of data. These steps could have been used to extract and preserve the data in the U.S. versus AOL case. Collection involves seizing digital evidence. Examination is where techniques are applied in order to identify and extract data. Analysis is using the data and resources to prove a case (Brecht, 2015). Reporting involves presenting the documentation gathered during the investigation. Investigators use these steps to examine evidence that could be needed in a trial. Following these steps is one way to ensure that the findings are sound and admissible in court. “The purpose of a computer forensic examination is to recover data from computers seized as evidence in criminal investigations” (Brecht, 2015). Forensic tools are used by investigators to provide their collection, indexing and detailed analysis
Electronic evidence is very fragile because it can be destroyed or altered very easily; therefore, it is imperative that investigators very carefully follow all the procedural steps when collecting electronic evidence (Diversified Forensics). Before any electronic evidence is gathered, investigators should determine whether there is probable cause that a crime has been committed, or, if the crime was committed somewhere else, whether the electronic evidence will aid the investigation process to prove or disprove the crime. If a warrant is needed, it must be obtained prior to collecting the evidence (Diversified Forensics). Hard drives, computers, and other electronic devices must be turned off, unplug all cables,
This manual is to assist forensic technicians who may be responsible for preserving an electronic crime scene and recognizing, collecting, preserving, and storing digital evidence. When dealing with digital evidence, these principles apply: The process of collecting, securing, and transporting digital evidence should not change the evidence in any way. Only forensic technicians trained specifically for digital evidence should conduct the analysis. Everything done during the search, seizure, transportation and storage of the digital evidence should be documented, preserved and ready for review.
FORENSICS’, its uses, the users of computer forensics, steps involved in this type of forensic
The history of Windows dates back to September 1981, with Windows 1.0; it has gone through many versions since then and is a constantly evolving product. These newer versions are designed both to improve the product’s current features and to bring in new ones that will improve the operating system; the aim of this is to gain and maintain market share for Microsoft and improve the user experience. Since Microsoft’s motivation is to have as many people using its product and not to aid or obstruct the forensic examination of Windows-based computers, this essay will look at the effects these changes make to the recovery of forensics evidence
The internet can offer a wide variety of resources that could help an individual/organization with their professional growth. These resources could be in the form of online courses that could help an individual earn a proficiency or degree. The internet could also provide an individual with a social network site that would allow them to ask questions or tell others about a successful technique they have used in their professional field.
Moving onto the weaknesses, the following test will examine the acquisition of information, discovery of information, education, procedure and significance of the evidence. One of the main concerns in this field is still acquiring the information in a way that does not jeopardize the integrity of the information despite having the appropriate tools. This is because digital forensic scientists created the tools for security and other computer related purposes and not for forensic purposes (Casey, 2004, p.29). This poses specific issues when the investigators are trying to collect information in a manner that is acceptable by law, and while it is true that it is possible to create tools specifically for forensic purposes
Digital forensics (sometimes Digital forensic science) is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime.[1][2] The term digital forensics was originally used as a synonym for computer forensics but has expanded to cover all devices capable of storing digital data and is now used to describe the entire field.[1] The discipline evolved in a haphazard manner during the 1990s and it was not until the early 2000s that national policies were created.
In simple terms, computer or digital forensic evidence analysis is the scientific collection of data that is either retrieved or held by a computer storage device that can be used against a criminal in a court of law. For the information to be used in court, it should be collected before its presentation; therefore, there are a number of recommendations proposed to make sure that the information collected meets the intended integrity.
The appropriate use of evidence plays a vital role in case hearings. A digital forensic analyst gathers all the evidence from the crime scene, then evaluates the evidence and analyzes the result before presenting it at the case hearing. Digital evidence analysis can be done with the use of data that is extracted from any type of digital electronic device. In any case where a guilty person is involved in illegal activity, such evidence and devices can be used to find the actual guilty person.
In a world where technology is increasingly becoming the way of life, it was only a matter of time before crime was no longer just in the streets but happening online as well. Criminals now get a new approach to carry out their crimes with the use of computers. Since technology is more like a murder mystery than catching the bad guy in the act, a new discipline of forensics needed to be put into place. This is known as computer forensics. Forensic science is any science used for the purpose of law. In the case of computer forensics, it is “the discipline that combines elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications, and storage devices in a way that is admissible as evidence in a court of law” (U.S. Cert, 2008). This means that if you do something illegal on the Internet, it can be found.
The organization has defined procedures for the identification, collection, acquisition, and preservation of information that will be utilized as evidence. Evidence identifies unauthorized changes and helps reconstruct the activities involved in an incident. Forensic analysis can be used to determine and subsequently understand the extent to which a system or network has been compromised or otherwise affected. Due to the specialization of forensic analysis, some organizations may choose to outsource these activities in order to transfer the responsibility.
Every computer installation is different. Although there are many common components and aspects, computer users can compile their system to their own desire. For this reason, it is the forensic examiner’s job to ensure that s/he has sufficient knowledge of a wide variety of hardware, software and operating systems. It is indeed possible to come across any combination of these components, and the examiner should be prepared to handle all of these. Due to the range of possibilities provided by live forensic analysis, forensic examiners only learn the principles of live acquisition and the effect that specific actions may have on the validity of the evidence. It is
Certified that Sakshi Bansal (21341314008), has carried out the research work presented in this thesis entitled "A PROPOSED FRAMEWORK FOR NETWORK FORENSICS INQUISITION & RELATIVE SUBSTANTIATION WITH OTHER FRAMEWORKS" for the award of Master of Technology from Uttaranchal University, Dehradun under my supervision. The thesis embodies results of original work, and studies are carried out by the student herself and the contents of the thesis do not form the basis for the award of any other degree to the candidate or to anybody else from this or any other University/Institution.
“Computer forensics is the equivalent of surveying a crime scene or performing an autopsy on a victim” (James Borek 2001). We need to ask ourselves a question: how many people in our organization have had or will have any law enforcement training, and would anyone have the qualifications and the skill to present enough evidence that can and will be acceptable in any court of law? No matter what kind of incident there is, the analysis should not be treated differently. Does any manager or supervisor know how to examine the incident? Is the company going to do its own examination of the incident by using its own personnel, should the owner/s bring extra support from the police