Introduction to Computer Forensics and Incident Response
17.01 Working with Evidence
17.02 Collecting Digital Evidence
17.03 Looking at Incident Response
All electronic devices we use daily, from our cars, to cell phones, to personal computers, leave digital footprints. Computer forensics refers to the documentation, acquisition, and preservation of this digital data for use as evidence. Care must be taken to ensure that the proper steps are taken to perform data acquisition legally and respond to security incidents. Periodic drills and exercises ensure that team members are familiar with response actions.
1. What must be determined by the first responder to an incident?
A. The ...