CHFI 1 Presentation Transcript

  • 1. Module LXIV - Forensics Investigation Templates
  • 2. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Forensics Investigation Templates
      1. Case Feedback Form
      2. Seizure Record
      3. List of Evidence Gathered Form
      4. Evidence Preservation Checklist
      5. BIOS Configuration
      6. System Configuration
      7. Application Summary
      8. Monitor Investigation Checklist
      9. Hard Disk Investigation Checklist
      10. Floppy Investigation Checklist
      11. CD Investigation Checklist
      12. Zip Drive Investigation Checklist
      13. Flash Drives Investigation Checklist
      14. Tape Investigation Checklist
      15. Handheld Device Investigation Checklist
      16. Fax Investigation Checklist
      17. Hub Investigation Checklist
      18. Switch Investigation Checklist
      19. Router Investigation Checklist
      20. Physical Security Checklist
      21. Identity Theft Checklist
  • 3. Case Feedback Form
  • 4. Case Feedback Form (cont’d)
  • 5. Seizure Record
  • 6. Seizure Record (cont’d)
  • 7. List of Evidence Gathered Form
  • 8. List of Evidence Gathered Form (cont’d)
  • 9. Evidence Preservation Checklist
      1. Photograph crime scene
      2. Report the crime immediately to immediate authority
      3. Leave the computers and equipment as they are
      4. Don’t shut down or switch on the computers
      5. Switch over to your backup/failover systems
      6. Don’t run any programs
      7. Don’t access files
      8. Establish the chain of custody from the beginning
      9. Preserve physical evidence
  • 10. BIOS Configuration
  • 11. BIOS Configuration (cont’d)
  • 12. System Configuration
  • 13. System Configuration (cont’d)
  • 14. System Configuration (cont’d)
  • 15. Application Summary
  • 16. Application Summary (cont’d)
  • 17. Monitor Investigation Checklist
  • 18. Monitor Investigation Checklist (cont’d)
  • 19. Hard Disk Investigation Checklist
  • 20. Hard Disk Investigation Checklist (cont’d)
  • 21. Hard Disk Investigation Checklist (cont’d)
  • 22. Floppy Investigation Checklist
  • 23. Floppy Investigation Checklist (cont’d)
  • 24. CD Investigation Checklist
  • 25. CD Investigation Checklist (cont’d)
  • 26. Zip Drive Investigation Checklist
  • 27. Zip Drive Investigation Checklist (cont’d)
  • 28. Flash Drives Investigation Checklist
  • 29. Flash Drives Investigation Checklist (cont’d)
  • 30. Tape Investigation Checklist
  • 31. Tape Investigation Checklist (cont’d)
  • 32. Handheld Device Investigation Checklist: Blackberry
  • 33. Handheld Device Investigation Checklist: Blackberry (cont’d)
  • 34. Handheld Device Investigation Checklist: Blackberry (cont’d)
  • 35. Handheld Device Investigation Checklist: Blackberry (cont’d)
  • 36. Handheld Device Investigation Checklist: iPod
  • 37. Handheld Device Investigation Checklist: iPod (cont’d)
  • 38. Handheld Device Investigation Checklist: iPod (cont’d)
  • 39. Handheld Device Investigation Checklist: Mobile Phone
  • 40. Handheld Device Investigation Checklist: Mobile Phone (cont’d)
  • 41. Handheld Device Investigation Checklist: Mobile Phone (cont’d)
  • 42. Handheld Device Investigation Checklist: PDA
  • 43. Handheld Device Investigation Checklist: PDA (cont’d)
  • 44. Handheld Device Investigation Checklist: PDA (cont’d)
  • 45. Fax Investigation Checklist
  • 46. Fax Investigation Checklist (cont’d)
  • 47. Fax Investigation Checklist (cont’d)
  • 48. Hub Investigation Checklist
  • 49. Hub Investigation Checklist (cont’d)
  • 50. Hub Investigation Checklist (cont’d)
  • 51. Switch Investigation Checklist
  • 52. Switch Investigation Checklist (cont’d)
  • 53. Switch Investigation Checklist (cont’d)
  • 54. Router Investigation Checklist
  • 55. Router Investigation Checklist (cont’d)
  • 56. Router Investigation Checklist (cont’d)
  • 57. Physical Security Checklist
  • 58. Physical Security Checklist (cont’d)
  • 59. Identity Theft Checklist
      1. Report the crime to the police:
          1. Provide copies of evidence
          2. Obtain copy of the Police Report
      2. Request information on fraudulent accounts
      3. In the case of lost credit cards:
          1. Call the bank and close your account
          2. Follow up and trace your cards
      4. In case your mail is stolen and your address is changed:
          1. Notify the postal inspector
      5. If someone has stolen your Social Security number:
          1. Call the Employment Department
      6. Contact FTC (Federal Trade Commission)
      7. Other:
          1. Use secure mailboxes to send and receive mail
          2. Shred confidential documents
          3. Review credit reports annually
          4. Report lost or stolen checks immediately
          5. Do not ignore bills that include suspicious charges