O'Reilly logo

Effective Incident Response Team, The by Brian Moeller, Julie Lucas

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Overview and Importance of Computer Forensics

Computer forensics can be defined as the process of extracting information from a computer crime scene and guaranteeing its accuracy and reliability. Typically, the information is extracted from computer media, such as hard drives, Zip drives, and other storage devices. It may also include other sources of evidence, such as photographs of the physical system components or the connections among devices, and surveillance videotapes of someone accessing the system.

The computer forensics expert must be able to prove, beyond “any shadow of a doubt,” that the information extracted is exactly as it was on the computer once the investigation began. Elements such as time stamps, file names, file contents, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required