Bruce Nikkel 1_2_overview_of_digital_forensics.pdf

0.0 (0)

Fichier Détails

Cartes-fiches	7
Langue	English
Catégorie	Technique
Niveau	Université
Crée / Actualisé	20.06.2019 / 28.06.2021
Lien de web	https://card2brain.ch/box/20190620_bruce_nikkel_12overviewofdigitalforensics_pdf
Intégrer	<iframe src="https://card2brain.ch/box/20190620_bruce_nikkel_12overviewofdigitalforensics_pdf/embed" width="780" height="150" scrolling="no" frameborder="0"></iframe>

Liste des carte

Étudier

What is the basic forensic process for digital evidence?

Commandes clavier:

= tourner,

= avant/arrière,

= faire défiler

Basic forensic process for digital evidence:

Evidence collection/acquisition
Preservation, integrity, chain-of-custody
Analysis, interpretation
Presentation, reporting

Why is digital evidence important or useful?

Commandes clavier:

= tourner,

= avant/arrière,

= faire défiler

Admissible in court of law
Usable for internal disciplinary hearings
Supporting data for internal incident reports
Assisting/furthering other investigations
Helps reconstrucht past events or activity (timelines)
Shows possession / handling of digital data
Show use/abuse of IT infrastructure & services
Shows evidence of policy violation or illegar activity

What are the original areas of digital forensics?

Commandes clavier:

= tourner,

= avant/arrière,

= faire défiler

Computer forensics (disks, removable media, flash chips ...)
Network forensics (network intrusion, abuse ...)
Software forensics (examining malicious code, malware ...)
Live system forensics (compormied hosts, memory dumps ...)

What has modern digital forensics grown to include?

Commandes clavier:

= tourner,

= avant/arrière,

= faire défiler

Mobile forensics (smart phones, tablets)
IoT forensics (internet connected toasters, tiny devices ...)
Vehicle forensics (automobiles, drones)
Cloud and Social Media forensics

What are the characteristics of digital evidence?

Commandes clavier:

= tourner,

= avant/arrière,

= faire défiler

Easy to destroy

bootin a PC updates timestamps and modifies files
attaching external drives can modify file system timestamps, create files, overwrite deleted data
volatile memory is lost when a machine is powered off

Hard to get

network traffic only exists on the wire for milliseconds
intrusions and attacks may be cleverly hidden (steg, obfuscation, crypto)
anti-forensic activity may prevent collection
proprietary devices of file formats
over-providioned ares on flash drives
service ares on disks
encrypted drives and files

What are some concepts of digital forensics?

Commandes clavier:

= tourner,

= avant/arrière,

= faire défiler

acquisition vs analysis
evidence vs intelligence
private vs public sectors
victioms vs perpetrators (ebanking, CP)
limitations vs requierments (technical, policy, legal, ehtical)

Name some digital forensics resources and tools

Commandes clavier:

= tourner,

= avant/arrière,

= faire défiler

Academic papers and conferences
DF (data forensic) tools and platforms
- sleuth kit + autopsy
- forensic focus
- kali linux
- my forensics page

1 / 7

Liste des carte

Étudier

Bruce Nikkel 1_2_overview_of_digital_forensics.pdf

Créer ou copier des fichiers d'apprentissage

Créer ou copier des fichiers d'apprentissage

Connecte-toi pour voir toutes les cartes.

SWITCHaai

Office 365

Edulog

Apple ID

Google