Business Continuity Plan Essay

Words: 3314
Pages: 14

Data Sources in Digital Forensics
March 17, 2013
Joana Achiampong
CSEC 650

Introduction Four sources of data that stand out for forensic investigators in most criminal investigations are files, operating systems, routers and network traffic, and social network activity. Each data source presents a variety of opportunities and challenges for investigators, meaning that the more reliable data collection and analysis activity typically involves examination of a variety of sources. Digital forensics must cover the four basic phases of activity, which include: data collection, which describes the identification and acquisition of relevant data; data examination, which includes the processing of data through the use
…show more content…
For example, matching RAM slack to file slack identifies the size of a file and makes it easier to identify and retrieve (Sindhu & Meshram, 2012). This type of retrieval inherently emphasizes the importance of data integrity. This type of integrity is important in any forensic environment, and compromised data is usually rendered instantly unusable. The many opportunities for data retrieved from file space to be compromised are a drawback to this data source. For example, data retrieval using bit stream imaging provides a real-time copy onto a disk or similar medium. However, this can be compromised based on the fact that re-imagining of data is constantly changing during re-writing. Investigators will typically choose the type of data copy system based on what they are looking for. However, changes to data can occur if the appropriate safeguards are not taken. Write-blockers are often used to prevent an imaging process from providing data that has been compromised by writing to that media. Sindhu and Meshram (2012) stated that computing a message digest will create a verification of the copied data based on a comparison to the original. A message digest is an algorithm that takes input data and produces an output digest. This comparison helps investigators ensure the integrity of data in many cases. There are additional pitfalls when it comes to