Topic:

Write Blocker During Forensic Investigation for Criminal Case or Corporate Case

Essay Instructions:

This week you are reading about the forensic tools used by Computer Forensics Examiners. While the two most popular tools are Guidance Software's EnCase and AccessData's FTK, there are other tools that are available and should be part of your toolbox. Once you have properly identified and collected digital evidence, the next step is to analyze it. It does not really matter if you are performing analysis as part of a criminal investigation or as part of a corporate investigation; you should always follow the same protocols. An emphasis in this course is on helping you understand why using an analysis protocol is important. Remember, you should NEVER, EVER work on original evidence, if it can be avoided by any means; instead, use a forensic image. When you work on the image, you pick the tools you will use. Again, it does not matter which tool you actually use, as long as the tool is accepted by the forensic community, and you are able to testify to the tool's validity, as well as the process you used in your examination.
During your analysis, you should document every step you take and all of your findings. Some tools have a report function that works well to capture both the identified data and the date/time of your various analyses. However, this should always be supplemented with your own notes and documentation.
This week, I would like you to discuss why you need to use a write blocker (either hardware or software) in your examinations, whether for a criminal case or a corporate case.
Also, imagine you are a computer forensic examiner receiving a suspect hard disk drive from a detective in your department. The drive was seized properly during a legally executed search warrant. The detective signs the chain of custody log and hands you the drive. Your job is to accept the drive, conduct an analysis, and maintain the drive until trial. Please explain the steps you would take, from receipt until testimony, including the reasons why you would take each step. For example, what would you check for when you sign for the drive on the chain of custody?

Essay Sample Content Preview:

Digital Forensics in the Criminal Justice System
Write blocker during forensic investigation
Write blockers ensure that the original media is not altered by the operating system or workstation software (Kessler & Carlton, 2014). As such, write blockers are beneficial in a forensic investigation because they ensure that the investigation process does not affect the best evidence available. The write-blocking technology needs to function properly, and the examiner should rely on a proven test protocol to confirm that the write blocker is functional. Both hardware and software write blockers have their advantages and drawbacks; hardware write blockers, unlike software blockers, do not depend on the OS. To avoid writes to images, hardware and software write blockers are typically each used alone, depending on the requirements of the digital forensic investigation.
Computer forensic investigation process
Identification
Upon receipt of the disk drive, it is necessary to establish that the drive does indeed belong to the accused (Laykin, 2013). This is because the accused may deny knowledge of the contents of the drive, and the system information (BIOS) helps to access the hard drive identification.
Disk analysis
Acquiring the evidence held in the hard drives is also crucial before data analysis is carried out. The aim of this process is to get an exact copy of the data while ensuring ...