Digitial Forensics analysis of USB forensics include preservation, collection, Validation,
Identification, Analysis, Interpretation, Documentation, and Presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal.
Identification, Analysis, Interpretation, Documentation, and Presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal.
Disk Imaging – USB Forensics:-
- A Disk Image is defined as a computer file that contains the contents and structure of a data storage device such as a hard drive, CD drive, phone, tablet, RAM, or USB.
- The disk image consists of the actual contents of the data storage device, as well as the information necessary to replicate the structure and content layout of the device.
- However Wide ranging of well-known tools is used according to the court of law to perform the analysis.
- Standard tools are solely authorized as per law, Forensics examiners are disallowed to perform Imaging with Unknown Tools, New Tools.
- Standard Tools: Encase Forensic Imager and its extension (Imagename.E01)
Forensic Toolkit Imaging & Analysis: - Since Encase forensic software cost around $2,995.00 – $3,594.00, So In this Imaging and analysis will be performed with FTK Forensic software made by AccessData.
- FTK Includes standalone disk imager is simple but concise Tool.
No comments:
Post a Comment