Basics of Digital forensics Procedure

The digital forensics is the acquisition of digital evidence from many sources such as Laptop, PC, digital cameras, mobile phones ,Routers… USB and SSD cards. The first step is to make a clear picture of the object. The pictures must contain elements such a serial numbers, damaged areas. Then unscrew the device to take the hard disk we want to image using a forensics software. The next step, connect the disk to a write blocker, in case it is an SSD device, just connect it to an adapter and the adapter connected to the write blocker. Use your best computer forensics software to acquire the data.Also a brand new formatted disk drive to store the acquiring image.This target drive has to have a bigger capacity than the source drive. My favorite is X-Ways forensics.It is a good idea to use a Linux forensics acquisition tool too.Screw delicately the disk drive back to its initial location and document the findings using the chain of custody.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s