Legal and Privacy Issues in Information Security, 3rd Edition

Collecting, Handling, and Using Digital Evidence

Computer forensic examiners find evidence on electronic devices and use this evidence to help reconstruct past events or activities. They use the evidence to gain a better understanding of a crime or event. It can be used to show possession and use of digital data. This section discusses how computer forensic examiners collect digital evidence. It focuses on how this evidence is collected in a criminal investigation. You need to keep in mind that almost the same process will be used in a civil investigation. An organization’s IR process also will be similar.

A computer, or any electronic device, can play one of four roles in computer crime:

NOTE

Computer forensic examiners should always collect ...

Get Legal and Privacy Issues in Information Security, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Legal and Privacy Issues in Information Security, 3rd Edition by Joanna Lyn Grama

Collecting, Handling, and Using Digital Evidence

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly