FORENSICS

Computer forensics (also known as cyber forensics or digital forensics), in the simplest terms, means investigating, gathering, and analyzing information from a computer device in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations.

Frequently Asked Questions

  • What job can you get in digital forensics?
    • Digital forensic investigator
    • Computer expertise technician
    • Information security analyst
    • Digital forensics analyst
    • Digital/computer forensics engineer
    • Information systems security analyst
    • Forensic computer analyst
    • Cybersecurity consultant
    • Computer/digital forensic technician
  • What does a digital forensics analyst do?
    Computer forensics analysts assist in the investigation of crimes and cybersecurity incidents. In many cases, they work to recover hidden, encrypted, or deleted information related to the case. They also safeguard the integrity of data by following a chain of custody that ensures its admissibility in court.
  • Where does a digital forensics expert work?
    Digital forensics experts commonly work in the criminal justice system. Many private industries also employ them, including companies in financial services, information technology, computing, network security, and defense sectors. Privately employed digital forensics analysts help buttress an organization’s internal cybersecurity team and provide an added safeguard in the event of a hack or cybercrime.
  • How does digital forensics work?

    Forensic investigators typically follow standard procedures, which vary depending on the context of the forensic investigation, the device being investigated or the information investigators are looking for. In general, these procedures include the following three steps:

    • Data collection: Electronically stored information must be collected in a way that maintains its integrity. This often involves physically isolating the device under investigation to ensure it cannot be accidentally contaminated or tampered with. Examiners make a digital copy, also called a forensic image, of the device's storage media, and then they lock the original device in a safe or other secure facility to maintain its pristine condition. The investigation is conducted on the digital copy. In other cases, publicly available information may be used for forensic purposes, such as Facebook posts or public Venmo charges for purchasing illegal products or services displayed on the Vicemo website.
    • Analysis: Investigators analyze digital copies of storage media in a sterile environment to gather the information for a case. Various tools are used to assist in this process, including Basis Technology's Autopsy for hard drive investigations and the Wireshark network protocol analyzer. A mouse jiggler is useful when examining a computer: it keeps the machine from falling asleep, which matters because volatile memory data is lost when the computer goes to sleep or loses power.
    • Presentation: The forensic investigators present their findings in a legal proceeding, where a judge or jury uses them to help determine the result of a lawsuit. In a data recovery situation, forensic investigators present what they were able to recover from a compromised system.
  • Do digital forensics analysts need certifications?

    Candidates do not need a formally issued license to become a computer forensics analyst, but employers often prefer candidates who hold one or more of the following:

    • Global Information Assurance Certifications: GIAC certifications focus on incident response capabilities, and include seven unique programs as of 2020.
    • Computer Hacking Forensic Investigator: Offered by the world-renowned EC-Council, the CHFI designation appeals to professionals interested in investigating cybercrime.
    • Certified Forensic Computer Examiner: Delivered by the IACIS, the CFCE program includes two phases: a peer review phase and a certification phase. Candidates must recertify every three years to maintain valid standing.
    • Access Data Forensics Certifications: Access Data offers numerous specialized certifications for professionals who aspire to work in law enforcement settings.
  • How much does a digital forensics analyst make?
    According to the Bureau of Labor Statistics (BLS May 2019), the median salary for information security analysts was $99,730 in 2019. Those in the lowest 10 percent earned $57,810 or less, while those in the highest 10 percent earned $158,860 annually or more.
  • BOOKS

    Practical Guide to Digital Forensics Investigations

    THE DEFINITIVE GUIDE TO DIGITAL FORENSICS―NOW THOROUGHLY UPDATED WITH NEW TECHNIQUES, TOOLS, AND SOLUTIONS Complete, practical coverage of both technical and investigative skills. Thoroughly covers modern devices, networks, and the Internet. Addresses online and lab investigations, documentation, admissibility, and more. Aligns closely with the NSA Knowledge Units and the NICE...

    COURSES & CERTS

    Certified Digital Forensics Examiner, C)DFE

    The Certified Digital Forensics Examiner, C)DFE certification is designed to train Cyber Crime and Fraud Investigators. Students are taught electronic discovery and advanced investigation techniques. This course is essential to anyone encountering digital evidence while conducting an investigation.

    DEFINITIONS

    TOR – Definition

    Stands for “The Onion Router.” TOR is US Government-created (through the US Naval Research Lab) software designed to allow anonymous or semi-anonymous communication.
