CYBER FORENSICS
Disk Imaging and Analysis / Digital Data Recovery
A Disk Image is a copy of the storage device that not only includes only the data
visible to the user but also includes hidden directories, boot records, partitioned
tables, deleted files, unallocated sectors, etc. In short, we can say that a Forensic Disk
Image is an exact sector by sector cloned copy of any computer system that is used for
investigation purposes to prevent data alteration on the actual system. It is the process
in which, we use tools that make an exact copy of the hard disk that can be examined using
some special forensic investigation tools covered in the later sections.
Computer Forensics
Computer forensics is a branch of digital forensic science pertaining to evidence
found in computers and digital storage media. The goal of computer forensics is to examine
digital media in a forensically sound manner with the aim of identifying, preserving,
recovering, analyzing and presenting facts and opinions about the digital information.
Evidence from computer forensics investigations is usually subjected to the same guidelines
and practices of other digital evidence.
E-Discovery
E-discovery is a form of digital investigation that attempts to find evidence in email, business communications and other data that could be used in litigation or criminal proceedings. The traditional discovery process is standard during litigation, but e-discovery is specific to digital evidence. The evidence from electronic discovery could include data from email accounts, instant messages, social profiles, online documents, databases, internal applications, digital images, website content and any other electronic information that could be used during civil and criminal litigation.
Web Attack Investigating
