Let’s have a general overview of computer forensic principles!
* The act of collecting digital evidence should not result in any alteration of the data in question, wherever this is possible
* All handling of digital evidence (from collection through to preservation and analysis) must be fully documented
* Access to original digital evidence should be restricted to those deemed “forensically competent”
* Your actions should not affect the integrity of the evidence. You should minimize any changes to the evidence. If changes are made, make sure the reason and impacts are documented.
* Take notes on everything
* Analyze all evidence collected
* Report your findings
Computer forensics is generally looked at as having two principal focuses, both of which must be examined. The first focus is that of analyzing an entire hard drive or computer system when suspected of having been used for
criminal activity. This often occurs when a computer is found at a crime scene, or a company has cause to believe that an employee has committed a crime. The second focus is the analysis of system log files and associated
information to identify the source of an attack or intrusion. In this scenario, the extent to which the company wishes to pursue the intruder will determine the extent of forensic analysis performed. Often the company will wish to
maintain the computer system in a running state, but will need assistance in determining how the attack succeeded such that it can be prevented in the future. The dramatic increase in public attention to corporate losses of data has
led to an increasing awareness of the need for after-the-fact investigations into computer crimes.
Data recovery Salon welcomes your comments and share with us your ideas, suggestions and experience. Data recovery salon is dedicated in sharing the most useful data recovery information with our users and only if you are good at data recovery or related knowledge, please kindly drop us an email and we will publish your article here. We need to make data recovery Salon to be the most professional and free data recovery E-book online.