資源描述:
《Chapter 2 Understanding Computer Investigation.pdf》由會(huì)員上傳分享���,免費(fèi)在線閱讀�,更多相關(guān)內(nèi)容在學(xué)術(shù)論文-天天文庫(kù)��。
1���、GuidetoComputerForensicsandInvestigations,SecondEditionChapter2UnderstandingComputerInvestigationObjectives?Prepareacase?Beginaninvestigation?Understandcomputerforensicsworkstationsandsoftware?Conductaninvestigation?Completeacase?CritiqueacaseGuidetoComput
2�����、erForensicsandInvestigations,2e2PreparingaComputerInvestigation?Roleofcomputerforensicsprofessional:gatherevidencetoproveasuspectcommittedacrimeorviolatedacompanypolicy?Collectevidencethatcanbeofferedincourtoratacorporateinquiry–Investigatethesuspect’scomp
3����、uter–PreservetheevidenceonadifferentcomputerGuidetoComputerForensicsandInvestigations,2e31PreparingaComputerInvestigation(continued)?Followanacceptedproceduretoprepareacase?Chainofcustody–Routetheevidencetakesfromthetimeyoufindituntilthecaseisclosedorgoest
4��、ocourt?USDOJSearchandSeizureGuidehttp://www.usdoj.gov/criminal/cybercrime/s&smanual2002.pdfGuidetoComputerForensicsandInvestigations,2e4ExaminingaComputerCrime?Computerscancontaininformationthathelpslawenforcementdetermine:–Chainofeventsleadingtoacrime–Evi
5�、dencethatcanleadtoaconviction?Lawenforcementofficersshouldfollowproperprocedurewhenacquiringtheevidence–DigitalevidencecanbeeasilyalteredbyanovereagerinvestigatorGuidetoComputerForensicsandInvestigations,2e5ExaminingaComputerCrime(continued)GuidetoComputer
6、ForensicsandInvestigations,2e62ExaminingaCompanyPolicyViolation?Employeesmisusingresourcescancostcompaniesmillionsofdollars?Misuseincludes:–SurfingtheInternet–Sendingpersonale-mails–UsingcompanycomputersforpersonaltasksGuidetoComputerForensicsandInvestigat
7�、ions,2e7TakingaSystematicApproach?Stepsforproblemsolving:–Makeaninitialassessmentaboutthetypeofcaseyouareinvestigating–Determineapreliminarydesignorapproachtothecase–Createadetaileddesign–Determinetheresourcesyouneed–ObtainandcopyanevidencediskdriveGuideto
8、ComputerForensicsandInvestigations,2e8TakingaSystematicApproach(continued)?Stepsforproblemsolving(continued):–Identifytherisks–Mitigateorminimizetherisks–Testthedesign–Analyzeandrecoverthedigitalevidence–Inve
