Online Test Banks
Score higher
See Online Test Banks
Learning anything is easy
Browse Online Courses
Mobile Apps
Learning on the go
Explore Mobile Apps
Dummies Store
Shop for books and more
Start Shopping

Steps to Take in a Computer Forensics Investigation

Part of the Computer Forensics For Dummies Cheat Sheet

Computer forensics is a meticulous practice. When a crime involving electronics is suspected, a computer forensics investigator takes each of the following steps to reach — hopefully — a successful conclusion:

  1. Obtain authorization to search and seize.

  2. Secure the area, which may be a crime scene.

  3. Document the chain of custody of every item that was seized.

  4. Bag, tag, and safely transport the equipment and e-evidence.

  5. Acquire the e-evidence from the equipment by using forensically sound methods and tools to create a forensic image of the e-evidence.

    Keep the original material in a safe, secured location.

  6. Design your review strategy of the e-evidence, including lists of keywords and search terms.

  7. Examine and analyze forensic images of the e-evidence (never the original!) according to your strategy.

  8. Interpret and draw inferences based on facts gathered from the e-evidence. Check your work.

  9. Describe your analysis and findings in an easy-to-understand and clearly written report.

  10. Give testimony under oath in a deposition or courtroom.

blog comments powered by Disqus

Computer Forensics For Dummies Cheat Sheet


Inside Sweepstakes

Win $500. Easy.