Chapter 8. Forensics I

Computer forensics, sometimes referred to as cyber-forensics, is the detailed examination of computer systems in an investigation. It normally deals with storage media (such as hard and floppy disks), but it is sometimes used to refer to the examination and analysis of network logs as well. The word comes from the adjective used to describe certain legal evidence:

forensic adj. Pertaining to, connected with, or used in courts of law; suitable or analogous to pleadings in court.

forensic medicine n. Medicine in its relations to law; medical jurisprudence.[1]

[1] The Oxford English Dictionary, 2nd Edition, Oxford, Clarendon ...

Get Incident Response: A Strategic Guide to Handling System and Network Security Breaches now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.