chapter 1 computer forensics and investigations as a profession

More documents

Recommendations

Info

WARNING Your text does contain errors which I will call attention to in class The “text book” answer may not be correct Lecture notes and classroom presentation overrule the text It is the best currently available forensics textbook Forensics is a fast-evolving profession and a text is, in some ways, already out-of-date by the time it is published What is “forensics” Chapter 01 8 Chapter 1 Webster – from L forensis fr forum. Belonging to, used in or suitable to courts of judicature or to public discussion and debate Saferstein – Forensic science in its broadest definition is the application of science to law Computer forensics – using accepted methods and procedures to properly seize, safeguard and analyze data. (Kroll Ontrack) Chapter 1 15 16
“Evidence” An item does not become officially a piece of evidence until a court admits it as such Opposing counsel can (and will) challenge this admission Incidentally, attorneys do argue with me about which comes first – the evidence or its admission Typically where we use the word “evidence,” we’re using it as a shortcut for “item of potential evidentiary value” Much of forensics practice concerns how to collect, preserve and analyze these items without compromising their potential to be admitted as evidence in a court of law Chapter 01 9 Chapter 1 So what is “digital evidence”? ISO 27037 – “information or data, stored or transmitted in binary form that may be relied on as evidence” Eoghan Casey – “any data stored or transmitted using a computer that support or refute a theory of the offense such as intent or alibi” (Dig. Evid. & Comp. Crime, p. 7) Brian Carrier – “digital data that support or refute a hypothesis about digital events or the state of digital data” (CERIAS TR 2006-6) Chapter 1 18 17
Page 1 and 2: CHAPTER 1 COMPUTER FORENSICS AND IN
Page 3 and 4: What will you learn? Not a certifi
Page 5 and 6: Course Format We will cover entire
Page 7: Late Work Late work will not be ac
Page 11 and 12: It Matters In the Private Sector Th
Page 13 and 14: Understanding Digital Forensics Di
Page 15 and 16: Digital Forensics Digital Forensics
Page 17 and 18: A Brief History of Computer Forensi
Page 19 and 20: A Brief History of Computer Forensi
Page 21 and 22: Preparing for Computer Investigatio
Page 23 and 24: Flow of Investigation Chapter 01 23
Page 25 and 26: Understanding Law Enforcements Agen
Page 27 and 28: Understanding Corporate Investigati
Page 29 and 30: How We See Each Other Keystone Kops
Page 31 and 32: Understanding Corporate Investigati
Page 33 and 34: Maintaining Professional Standards
Page 35 and 36: Maintaining Professional Standards

chapter 1 computer forensics and investigations as a profession

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?