In your own words, what do you think computer forensics is about? Why are you studying it?
Computer forensics entails applying investigation techniques for gathering and preserving evidence from a computing device so that it can be used in a court of law (TechTarget, 2014). It aims to carry out the structural investigation while maintaining a documented chain of evidence to determine what happened to a computer and the person responsible.
I’m studying computer forensics to prepare to become a forensic investigator. In this time and era, cybercrime and cyberwarfare are rampant. And as such, the demand for computer forensic investigators has been growing. Forensic scientists are deployed to gather evidence in the case of cyber intrusions. Espionage organizations and National militaries are employing digital forensics investigators to track intrusions by their enemies. In the absence of professional digital forensic experts, a country would not be able to know if they have been attacked and by who (Beebe, 2009).
What are different crimes that are committed on a computer or with a computer?
Obtaining information by unauthorized computer access is otherwise called hacking. Here an attacker intentionally accesses a computer without authorization or exceeds the access allowed and obtains such things as financial record information, credit card numbers and any other information from a protected computer (Doyle, 2014).
Computer fraud – this is where a person intrudes into a computer knowingly intending to defraud. After the intrusion, they obtain anything of value, such as money. In this crime, the attacker misrepresents a fact that is intended to let another person do or refrain from doing something which causes loss.
Cuber-extortion – This occurs when a computer system, a website or a server is threatened with repeated denial of service attacks or other malicious attacks. The attacker afterwards demands money with a promise to stop and offer protection if paid. They mostly attack corporate websites and networks and cripple their operation ability.
What are the 6 stages of evidence handling? Explain in detail each of the stages of evidence handling.
This is the first step in handling digital evidence, where the devices containing potential evidence are moved to the lab. Digital evidence can be present when a device is turned on or off, depending on the condition of the device. All collected items should be recorded and appropriately packaged before transportation. If reasonable care is not applied, potential digital evidence may be easily spoilt (Hamidovic, 2016). Depending on the condition, the best possible collection method should be used.
In this step, the evidence is preserved to ensure it is useful for future investigations and incidents. It is also where the integrity of the evidence is preserved. The process of preservation involves putting safeguards on the potential digital devices and digital evidence from tampering or getting spoilt. The process used for preservation should be done from the initial stages and maintained through handling the digital evidence (Hamidovic, 2016). If this process is done correctly, the data and associated metadata will not be spoilt.
In this step, an in-depth systematic search of evidence is done before the full analysis is carried out. This aims to locate and identify potential evidence within an unconventional location. This stage results in the creation of the smallest of digital information, which has the highest potential for containing data of value that can be used in probation. Another output of this stage is the detailed analysis documentation.
In this step, the data identified in the initial stages undergo detailed scrutiny. The techniques that are used here usually involve reviewing and studying some internal attributes of data. The analysis done here helps in determining the significance of the collected data. It also reconstructs the fragments and draws conclusions based on evidence. For a crime theory to be supported, several iterations of the analysis and examinations may be required (Hamidovic, 2016). The analysis stage is distinct because it does not need highly technical skills to carry out, allowing more people to work on the case.
This stage provides a transparent view of the process of investigation. The final reports usually contain the details of each step. These include the methods and protocols followed to collect, reconstruct, organize, document, preserve and search the critical evidence. A significant part of the reports generally focuses on the analysis done, which led to the conclusions and supporting evidence description. This stage ensures the conclusion is written when there is no thorough description of the analysis and supporting evidence. Also, the report should include the investigator’s objectivity by providing other alternative theories that were eliminated due to a lack of supporting evidence or contradictions.
In your opinion, which stage do you believe is the most important, and why?
I believe that the first stage of collection or acquisition of evidence is the most important. This is because it determines whether or not there will be a case. When the method of collection used is inappropriate or carried out without care, the other stages will not exist. At this stage, the evidence is either destroyed or preserved.
Doyle, C. (2014). Cybercrime: an overview of the federal computer fraud and abuse statute and related federal criminal laws. Congressional Research Service, 7-5700. https://fas.org/sgp/crs/misc/97-1025.pdf
Hamidovic, H. (2016). The Basic Steps Of Digital Evidence Handling Process. Retrieved from https://www.researchgate.net/publication/292975650_THE_BASIC_STEPS_OF_DIGITAL_EVIDENCE_HANDLING_PROCESS
TechTarget(2014). Computer forensics (cyber forensics). Retrieved from https://searchsecurity.techtarget.com/definition/computer-forensics
Beebe, N. (2009, January). Digital forensic research: The good, the bad and the unaddressed. In IFIP International Conference on Digital Forensics (pp. 17-36). Springer, Berlin, Heidelberg.
ORDER A PLAGIARISM-FREE PAPER HERE
We’ll write everything from scratch
- In your own words, what do you think computer forensics is about? Why are you studying it?
- What are different crimes that are committed on a computer or with a computer?
- What are the 6 stages of evidence handling?
- Explain in detail each of the stages of evidence handling.
- In your opinion, which stage do you believe is the most important, and why?
Have a similar assignment? "Place an order for your assignment and have exceptional work written by our team of experts, guaranteeing you A results."