Information Assurance Handbook: Effective Computer Security and Risk Management Strategies

CHAPTER 23 Computer Forensics

Computer forensics (digital forensics) is the scientific procedures and accepted set of processes of examining and analyzing allegations of misuse in computer-related incidents. The end-state of digital forensics is to obtain potential legal evidence acceptable to the trier of fact. Forensic analysis uses a range of scientific processes requiring systematic examination and collection of evidence; keeping a legally sufficient set of records and reports; performing experiments; testing hypotheses; describing the process and results; and defending the forensic findings and conclusions. It comes from forensic scientist Edmond Locard’s basic exchange principle: “Every contact leaves a trace.” There are five steps that ...

Get Information Assurance Handbook: Effective Computer Security and Risk Management Strategies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Information Assurance Handbook: Effective Computer Security and Risk Management Strategies by

CHAPTER 23

Computer Forensics

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly