USA: +1(669)289-8683 
Sign in
Cs521 week 1 disc300 words
2 references
NOTE; Provide original work, straight to point, logical and critical answers.
Digital forensic evidence is also known as computer forensic evidence or system forensic
evidence. It may be found on computer hard disk drives, CDs, DVDs, flash drives, mobile
devices like smartphones, and other types of computer and network storage media.
Please review the attached (forensic_ts_digitalevidence.docx (file attached with email, read
before answering the question)
Go through the forensic analysis techniques mentioned.
Question:
Pick two of these techniques and discuss them. You will need to respond to your friends.
NOTE: Do not copy and paste a single line from internet, provide valid references, the
instructor do not spare any plagiarism.
Digital Forensic Evidence
Digital forensic evidence is also known as computer forensic evidence or system forensic evidence. It
may be found on computer hard disk drives, CDs, DVDs, flash drives, mobile devices like smartphones,
and other types of computer and network storage media.
A computer’s operating system can create digital evidence without the knowledge of the computer
operator. Such information may actually be hidden from view. Special forensic software tools and
techniques are required to preserve, identify, extract, and document hidden digital evidence. Evidence
may include:
▪
Deleted email messages or files
▪
Computer logs
▪
Spreadsheets and accounting information
Forensic Analysis Techniques
Disk forensics—The process of acquiring and analyzing information stored on physical storage media,
such as computer hard drives, smartphones, GPS systems, and removable media. Disk forensics
includes both the recovery of hidden and deleted information and also the process of identifying who
created a file or message.
Email forensics—The study of the source and content of email as evidence. Email forensics includes the
process of identifying the sender, recipient, date, time, and origination location of an email message. You
can use email forensics to identify harassment, discrimination, or unauthorized activities. There is also a
body of laws that deal with retention and storage of emails that are specific to certain fields, such as
financial and medical.
Network forensics—The process of examining network traffic, including transaction logs and real-time
monitoring, using sniffers, and tracing, is known as network forensics.
Internet forensics—The process of piecing together where and when a user has been on the Internet.
For example, you can use Internet forensics to determine whether inappropriate Internet content access
and downloading were accidental.
Software forensics or malware forensics—The process of examining malicious computer code is
known as software forensics.
Live system forensics—The process of searching memory in real time, typically for working with
compromised hosts or to identify system abuse is live system forensics. Each of these types of forensic
analysis requires specialized skills and training.
Mobile forensics—The process of searching the contents of cell phones, smartphones, and tablets is
called mobile forensics. This was not a big issue in the past, but with the ubiquitous nature of mobile
devices today, mobile forensics is an important topic. A mobile device can be a treasure trove of
evidence. Smartphones and tablets are essentially computers with processors, memory, data storage,
and operating systems, and they operate on networks. Mobile forensics also includes Voice over Internet
Protocol (VoIP), and traditional phones and may overlap the Foreign Intelligence Surveillance Act of 1978
(FISA), the USA Patriot Act, and the Communications Assistance for Law Enforcement Act (CALEA) in
the United States.
Page 1
