Fandom

The IT Law Wiki

Digital forensic analysis

32,167pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Definition Edit

Digital forensic analysis is

the practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data.[1]

Overview Edit

Digital forensic analysis can be conducted on different types of media, such as global positioning system devices, memory cards, or compact discs, and can be conducted by federal, state, and local law enforcement agencies in support of a variety of investigations, such as online child pornography crime and identity theft.

The process for performing digital forensics comprises the following basic phases:

  • Collection: identifying, labeling, recording, and acquiring data from the possible sources of relevant data, while following procedures that preserve the integrity of the data.
  • Examination: forensically processing collected data using a combination of automated and manual methods, and assessing and extracting data of particular interest, while preserving the integrity of the data.
  • Analysis: analyzing the results of the examination, using legally justifiable methods and techniques, to derive useful information that addresses the questions that were the impetus for performing the collection and examination.
  • Reporting: reporting the results of the analysis, which may include describing the actions used, explaining how tools and procedures were selected, determining what other actions need to be performed (e.g., forensic examination of additional data sources, securing identified vulnerabilities, improving existing security controls), and providing recommendations for improvement to policies, procedures, tools, and other aspects of the forensic process.

References Edit

  1. DFARS Clause 252.204-7012(a).

Source Edit

Also on Fandom

Random Wiki