SlideShare a Scribd company logo

File000164

•
•
Desmond Devendran
Desmond Devendran

An expert witness testified in a court case involving a teacher accused of sexual relations with a student. The expert, a computer forensics officer, explained that activity seen on the teacher's computer was likely caused by automatic programs and weather programs, not tampering as the defense suggested. If the computer had been turned back on after seizure, there would have been evidence of that, but there was none. The document then discusses the role of expert witnesses and preparing for testimony in court cases.

TechnologyBusiness
1 of 51
Download to read offline
Module LI - Becoming an Expert Witness
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited News: The Prosecution of Julie Amero Source: http://www.reason.com
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Scenario Bobo, Raymond E. Wells Junior High School teacher was alleged that she had sex with a male student. Shue, the attorney called Sgt. Adam Holland, a computer forensics expert with the Fort Smith Police Department as a rebuttal witness and asked him to explain the testimony of the activity that occurred on Bobo’s computer the day the computer was seized. The defense suggested that someone tampered with the computer. Holland said the activity was caused by programs that run automatically, including a weather program. If someone had turned the computer back on after police disconnected it, there would have been evidence of that, but there was none.
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Objective • What is an expert witness? • Role of an expert witness • Types of expert witnesses • Preparing for a testimony • Rules pertaining to an expert witness’ qualification • Testifying in the court • Testifying during direct and cross-examination • Deposition • Dealing with media This module will familiarize you with:
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Flow What is an Expert Witness? Role of an expert witness Types of expert witnesses Testifying in the court Rules pertaining to an expert witness’ qualification Preparing for Testimony Testifying during Direct and Cross-examination Deposition Dealing with media
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited What is an Expert Witness “An expert witness is a witness, who by virtue of education, profession, or experience, is believed to have special knowledge of his/her subject beyond that of the average person, sufficient that others legally depend upon his/her opinion”
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Role of an Expert Witness • Evaluates the evidence • Assists plaintiff’s or defendant’s lawyers to establish facts, assess the merits, and help in the preparation of a case, including the initial decision whether to start a litigation or not • Testifies in court • Assists the court in understanding intricate technical evidence • Helps the attorney to get to the truth • Truthfully, objectively, and fully express his or her expert opinion, without regard to any views or influence • Conducts investigations on behalf of the court and reports the findings back to the court • Participates in court-appointed expert witness conferences to study any intriguing incident • Educates the public and the court An expert witness is a person who:
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited What Makes a Good Expert Witness? Good experts can talk to the jurors in a way that shows they have confidence in their case and they are sincere, without seeming like an advocate Experts need to change the complicated material into understandable material so that the lay audience can understand easily Observe jurors to identify the level of interest, make a note of which juror is sleeping and uninterested Avoid overextending opinions Develop repetition into details and descriptions for the jury Augment your image with the jury by following a formal dress code
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Types of Expert Witnesses Computer Forensics Experts Medical & Psychological Experts Civil Litigation Experts Construction & Architecture Experts Criminal Litigation Experts
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Computer Forensics Experts Computer Forensics’ experts locate and recover information through electronic discovery, while protecting the evidentiary quality of findings Their opinions are required to interpret the evidence produced before the court for both legal teams and jurors • Computer forensics • Email systems • Financial Systems • Credit Card Processing Systems • Airline Reservation Systems Computer forensics expert should have knowledge about:
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Role of Computer Forensics Expert Examines personal computers Examines emails Determines date, time, and author of certain files Testifies witnesses, defendants, or prosecution Examines all the case documentation Prepares a report for submission to the lawyers or jury Helps the court in understanding the report which relates to the case Reviews all the files Decrypts the encrypted files Opens the password protected files Finds the deleted files if any
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Medical & Psychological Experts • Physical injury • Subjective tenderness described by the victim • Stains or substances found on the victim's body Findings documented during forensic medical examination include: Medical professionals such as physicians, physicians' assistants, and nurses describe the process of examining the victim and physical findings that were observed and explained
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Civil Litigation Experts Civil litigation experts explain the process for collecting and analyzing evidence to jurors They explain the realities of the process and correct false assumptions regarding crime scene evidence
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Construction & Architecture Experts • Expert witness testimony • Pretrial assessment • Claims • Accident Investigations • Construction defects • Estimating and analyzing the schedule of construction Practice of construction and architecture experts include:
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Criminal Litigation Experts • They are generally accessible and cooperative • They will not expect to be paid for their services Advantages of using a victim advocate: • Sometimes testimony may be tarnished with cross- examination regarding the reputation of the individual and/or the rape crisis agency Disadvantages of using a victim advocate: Victim advocates are frequently asked to testify in cases involving a sexual attack They are qualified by the court to address the behavior of the defendant or characteristics of crime
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Scope of Expert Witness Testimony • Alcohol intoxication • Automobile and airplane crashes • Ballistics • Bite mark analysis • Blood grouping tests and blood spatter analysis • DNA (Deoxyribonucleic Acid) TESTS • Document examination • Drug courier profiling and profiling in general • Speed detection readings – radar • Physical and mental condition • Eyewitness identification The scope of the expert witness testimony includes the following areas of expertise:
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Scope of Expert Witness Testimony (cont’d) • Fingerprint identification • Firearms identification • Forensic anthropology • Forensic biology • Forensic engineering • Forensic odontology • Voice print analysis • Truth serum results • Toxicology • Toxicology • Sketch artist • Photography The scope of the expert witness testimony includes the following areas of expertise:
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Technical Witness vs. Expert Witness • Does the actual fieldwork • Submits only the results of his findings • Does not offer a view in court • Provides facts found in investigation • Prepares testimony • Does not offer conclusions A technical witness is an individual who: • Has absolute field knowledge • Offers a view in court • Has opinions based on observations • Works for the attorney An expert witness is an individual who:
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Preparing for Testimony • Go through the document thoroughly • Establish early communication with the attorney • Determine the basic facts of the case before beginning and examining the evidence • Substantiate the findings: • With documentation • By collaborating with other computer forensic professionals • Detect conflict of interest • Avoid conflicting out practice While preparing for testimony:
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Evidence Preparation and Documentation Document every important aspect in the case during investigations Safeguard the integrity of all gathered evidence Catalog and index is easy to understand Use professional experience and request peer reviews to support the findings
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Evidence Processing Steps Examine, preserve, monitor, and authenticate the documentation Create different checklists for different evidence analysis Avoid personal comments or ideas in these notations Note any successful output Validate evidence using hash algorithms Search for keywords using well-defined parameters • List relevant evidence on the report Make simple and precise notes of the investigation
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Evidence Processing Steps (cont’d) • To prove them repeatable Document the steps Collect the evidence and document employed tools Preserve the evidence Maintain the chain of custody Collect the right information
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Checklists for Processing Evidence Use Digital Signatures to find the evidence Use SHA-1 for evidence validation • MD5 or CRC32 can be used if SHA-1 is absent • An MD5 or SHA-1 hash check before and after evidence examination would ensure the integrity of the evidence Use well-defined search parameters while searching for key results, which • Helps in narrowing the search • Avoids false hits While writing the report, list only the evidence findings that are relevant to the case • Never use formal checklist • Do not include checklist in the final report • Opposing attorneys can challenge them
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Examining Computer Evidence Examine e-mails Review all the files Decrypt the encrypted files Open password protected files Determine date, time, and author of certain files Find the deleted files if any
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Prepare the Report Ask the legal representative to list the document that should be expressed in the expert report Write a statement that should be related to all opinions and the basis and reasons for those opinions Document the data and information considered in making the opinions List the evidence used as summary or support for the opinions List of cases in which you have provided evidence as an expert at examination
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Evidence Presentation Identify evidence to defend opinion Reaffirm your opinion Never exaggerate opinions Be prepared to defend your opinion Recall definitions Gather information about the opposing attorney and expert Do not talk with anybody during court recess
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Rules Pertaining to an Expert Witness’ Qualification • Four years of previous testimony (indicates experience) • Ten years of any published literature • Previous payment received when giving testimony According to USA federal rules, to be present as an expert witness in a court, following information must be furnished:
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Rules Pertaining to an Expert Witness’ Qualification (cont’d) Do not record conversations or telephone calls Learn about all other people involved and basic points in dispute Define analysis procedures Do not keep secrets from the client's legal team Do not agree to testify on subject matters for which you are not an expert or on which you do not believe Never exaggerate or fudge details, stick with the facts in evidence Do not be intimidated by the process
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Rules Pertaining to an Expert Witness’ Qualification (cont’d) Do not write, FAX, e-mail, or communicate in any other way, unless explicitly instructed to do so Do not do research and analysis you have not been asked to do and respect the guidelines imposed by the client's legal team Do not ever permit compensation to be tied to the outcome of the litigation Do not let the client's legal team form opinions, if they insist, resign from the case Never compromise integrity for any reason or any way
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Daubert Standard The Daubert standard is a legal precedent set in 1993 by the Supreme Court of the United States regarding the admissibility of expert witnesses' testimony during federal legal proceedings In order to reject the presentation of unqualified evidence to the jury, the Daubert motion takes place before or during trail Trial judges make a decision whether the evidence is both relevant and reliable Expert’s evidence can be decided based on the facts of the case The expert should derive his or her conclusions from scientific method in order to consider the evidence reliable
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Frye Standard Frye standard is a legal precedent regarding the admissibility of scientific examinations or experiments in legal cases To meet the Frye standard, scientific evidence submitted in the court should be accepted as an important part of the associated scientific community It can be applied to procedures, principles, and analysis presented in the court case In this standard, supporters of a particular scientific issue should provide a number of experts to speak about the science behind the issue in question It is not an appropriate test for voice identification evidence
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Importance of Resume • Certifications/credentials/accomplishments • Recent work as an expert witness or testimony log • Expertise • List of books written, if any • Any training undergone • Referrals and contacts • List basic and advance skills The following things must be kept in mind while preparing a resume: Resume shows the capability of an expert witness Update the resume regularly
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Testifying in the Court Familiarize with the usual procedures that are followed during a trial The attorney introduces the expert witness with high regards The opposing counsel may try to discredit the expert witness The attorney would lead the expert witness through the evidence Later, it is followed by the cross examination with the opposing counsel
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited The Order of Trial Proceedings • Objections to particular testimonies are written in the form of lists • Allows judge to examine whether certain evidence should be admitted in the absence of the jury Motion in beginning: • Offers an outline of the case Opening the Statement: • The attorney and the opposing counsel presents the case Plaintiff and defendant:
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited The Order of Trial Proceedings (cont’d) • Cross examination by both plaintiff and defendant Rebuttal session • Proposed by the counsel • Approved and read by the judge to the jury Jury orders • Statements that organize the evidence and the law Closing arguments
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited General Ethics while Testifying • Be professional, polite, and sincere in testimony • Always pay tribute to the jury • Be enthusiastic during testimony • Keep the jury interested in speech • Be aware and prepare for the possible rebuttal questions especially from the opposing counsel • Show an open physical and psychological attitude to the Jurors • It is more important to maintain visual control in the courtroom • Maintain a steady body expression with balanced stance without revealing any nervousness • Avoid leanings • Develop self confidence and create personal space for winning professional style in the courtroom Ethics to be followed while presenting as an expert witness to any court or an attorney:
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Importance of Graphics in a Testimony Use clear and easily understandable graphical demonstrations Make graphical demonstrations such as charts • To illustrate and elucidate your findings Make sure the graphics are seen by the jury Face the jury while exhibiting these graphics Make it a habit of using charts and tables for courtroom testimony
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Helping your Attorney • Enable the attorney to get the expert’s testimony into the trial • Provide a practice in the testimony for direct examination • Help the attorney to review and improve on how he or she wants to try the case Prepare a list of questions that are important • Communicate the message to the jury Develop a script and work with the attorney to get the perfect language
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Avoiding Testimony Issues Offer clear opinions Outline your boundaries of knowledge and ethics Create a case outline and summary for the attorney, which • Enables reviewing of the case plan • Offers a clear overview of the level of knowledge used in the case Make the best effort to coordinate testimony with other experts, who are retained by your attorney for the same case Meet with the paralegal to communicate necessary information to your attorney • Paralegal is a person with special training in either a specific or general area of law
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Testifying during Direct Examination Direct examination is an important part of a testimony during a trial that offers a clear overview of all the findings Create an easy-to-follow and systematic plan for describing evidence collection methods Be lucid while describing complicated concepts Determine the speech to the education level of the jury
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Testifying during Direct Examination (cont’d) • Allows you to maintain control over the opposing counsel Turn towards the jury slowly while giving your response, which The opposing counsel has the opportunity to ask questions about the expert witness’ testimony and evidence Do not offer guesses when asked something irrelevant to the case Use your own words and phrases when answering the opposing counsel Speak slowly as the best offense to problematic questions is to be patient with answers
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Testifying during Cross-Examination (cont’d) • Be prepared for challenging pre-constructed questions • Be prepared for rapid-fire questions • Be prepared for nested questions • Some questions cause conflicting answers • Attorneys make speeches and phrase them as questions • Be patient • Keep vigorous conduct and use energetic speech • Avoid feeling stressed and losing control • State background and qualifications • Balance the language • Practice testifying • Be fair • Avoid ambiguity Recommendations and practices:
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Deposing • Both attorneys are present • No jury or judge • Opposing counsel asks questions Deposing differs from a trial as: • Enables opposing counsel to preview your testimony at trial Purpose of a Deposing The attorney fixes a location for the deposing
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Recognizing Deposing Problems Discuss any problem before deposing to • Identify any negative aspect Be prepared to defend Avoid: • Omitting information • Having the attorney box into a corner • Contradictions Be professional and polite when giving opinions about opposite experts
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Guidelines to Testify at a Deposing Convey a calm, relaxed, confident, and professional appearance during a deposition Do not get influenced by the opposing counsel’s tone or expression or tactics Use the opposing counsel’s name while responding him/her and reply confidently Maintain eye contact with the opposing counsel Keep your hands on the table and hold out your elbows which makes you appear more open and friendly Be professional and polite Use facts when describing the opinion Ask attorney questions for opposing the case
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Dealing with Media • It is unpredictable what the journalists might publish • The comments might influence the case • It can create a record for future testimony, which can be used against you Avoid conversing with the media because: Avoid contact with media during a case Do not give opinions about the trial to media but simply refer to the attorney
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Finding a Computer Forensic Expert Contact professional associations and gather the information of members Check with the non-commercial electronic evidence information centre which provides detailed information of the forensics experts • http://www.logicforce.com/ • http://www.htcia.org/ Some of the organizations which provide computer forensics expert services:
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Learn more about “ Expert Witness” in the Movie “My Cousin Vinny”
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Summary “An expert witness is a witness, who by virtue of education, profession or experience, is believed to have special knowledge of his subject beyond that of the average person, sufficient that others legally depend upon his opinion” Assists plaintiff’s or defendant’s lawyers to establish facts, assess the merits and help in the preparation of a case, including the initial decision whether to start a litigation or not Determine the basic concepts of the case before beginning and examining the process of evidence Direct examination is an important part of a testimony during a trial that offers a clear overview of all the findings
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited

Recommended

File000166
File000166File000166
File000166
Desmond Devendran
 
CHFI
CHFICHFI
CHFI
Desmond Devendran
 
File000172
File000172File000172
File000172
Desmond Devendran
 
File000168
File000168File000168
File000168
Desmond Devendran
 
File000176
File000176File000176
File000176
Desmond Devendran
 
File000116
File000116File000116
File000116
Desmond Devendran
 
File000167
File000167File000167
File000167
Desmond Devendran
 
File000118
File000118File000118
File000118
Desmond Devendran
 

Recommended

File000166
File000166File000166
File000166
Desmond Devendran
 
CHFI
CHFICHFI
CHFI
Desmond Devendran
 
File000172
File000172File000172
File000172
Desmond Devendran
 
File000168
File000168File000168
File000168
Desmond Devendran
 
File000176
File000176File000176
File000176
Desmond Devendran
 
File000116
File000116File000116
File000116
Desmond Devendran
 
File000167
File000167File000167
File000167
Desmond Devendran
 
File000118
File000118File000118
File000118
Desmond Devendran
 
File000163
File000163File000163
File000163
Desmond Devendran
 
File000114
File000114File000114
File000114
Desmond Devendran
 
File000113
File000113File000113
File000113
Desmond Devendran
 
File000154
File000154File000154
File000154
Desmond Devendran
 
File000117
File000117File000117
File000117
Desmond Devendran
 
File000119
File000119File000119
File000119
Desmond Devendran
 
File000146
File000146File000146
File000146
Desmond Devendran
 
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays World
gueste0d962
 
Ce hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handlingCe hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handling
Vi TĂ­nh HoĂ ng Nam
 
Lect 1 computer forensics
Lect 1 computer forensicsLect 1 computer forensics
Lect 1 computer forensics
Kabul Education University
 
CS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IVCS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IV
ArthyR3
 
Chap 1 general introduction to computer forensics
Chap 1 general introduction to computer forensicsChap 1 general introduction to computer forensics
Chap 1 general introduction to computer forensics
Malobe Lottin Cyrille Marcel
 
Lect 6 computer forensics
Lect 6 computer forensicsLect 6 computer forensics
Lect 6 computer forensics
Kabul Education University
 
Chap 2 computer forensics investigation
Chap 2 computer forensics investigationChap 2 computer forensics investigation
Chap 2 computer forensics investigation
Malobe Lottin Cyrille Marcel
 
CS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT VCS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT V
ArthyR3
 
CYBERFORENSICS
CYBERFORENSICSCYBERFORENSICS
CYBERFORENSICS
Dr. Prashant Vats
 
Lect 3 Computer Forensics
Lect 3 Computer ForensicsLect 3 Computer Forensics
Lect 3 Computer Forensics
Kabul Education University
 
Mobile Telephone & Communication Evidence
Mobile Telephone & Communication EvidenceMobile Telephone & Communication Evidence
Mobile Telephone & Communication Evidence
Cell Site Analysis (CSA)
 
Reduce Lab Backlog with Mobile Data Forensic Previews
Reduce Lab Backlog with Mobile Data Forensic PreviewsReduce Lab Backlog with Mobile Data Forensic Previews
Reduce Lab Backlog with Mobile Data Forensic Previews
Cellebrite
 
Computer Forensic Softwares
Computer Forensic SoftwaresComputer Forensic Softwares
Computer Forensic Softwares
Dhruv Seth
 
File000161
File000161File000161
File000161
Desmond Devendran
 
File000145
File000145File000145
File000145
Desmond Devendran
 

More Related Content

What's hot

File000163
File000163File000163
File000163
Desmond Devendran
 
File000114
File000114File000114
File000114
Desmond Devendran
 
File000113
File000113File000113
File000113
Desmond Devendran
 
File000154
File000154File000154
File000154
Desmond Devendran
 
File000117
File000117File000117
File000117
Desmond Devendran
 
File000119
File000119File000119
File000119
Desmond Devendran
 
File000146
File000146File000146
File000146
Desmond Devendran
 
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays World
gueste0d962
 
Ce hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handlingCe hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handling
Vi TĂ­nh HoĂ ng Nam
 
Lect 1 computer forensics
Lect 1 computer forensicsLect 1 computer forensics
Lect 1 computer forensics
Kabul Education University
 
CS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IVCS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IV
ArthyR3
 
Chap 1 general introduction to computer forensics
Chap 1 general introduction to computer forensicsChap 1 general introduction to computer forensics
Chap 1 general introduction to computer forensics
Malobe Lottin Cyrille Marcel
 
Lect 6 computer forensics
Lect 6 computer forensicsLect 6 computer forensics
Lect 6 computer forensics
Kabul Education University
 
Chap 2 computer forensics investigation
Chap 2 computer forensics investigationChap 2 computer forensics investigation
Chap 2 computer forensics investigation
Malobe Lottin Cyrille Marcel
 
CS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT VCS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT V
ArthyR3
 
CYBERFORENSICS
CYBERFORENSICSCYBERFORENSICS
CYBERFORENSICS
Dr. Prashant Vats
 
Lect 3 Computer Forensics
Lect 3 Computer ForensicsLect 3 Computer Forensics
Lect 3 Computer Forensics
Kabul Education University
 
Mobile Telephone & Communication Evidence
Mobile Telephone & Communication EvidenceMobile Telephone & Communication Evidence
Mobile Telephone & Communication Evidence
Cell Site Analysis (CSA)
 
Reduce Lab Backlog with Mobile Data Forensic Previews
Reduce Lab Backlog with Mobile Data Forensic PreviewsReduce Lab Backlog with Mobile Data Forensic Previews
Reduce Lab Backlog with Mobile Data Forensic Previews
Cellebrite
 
Computer Forensic Softwares
Computer Forensic SoftwaresComputer Forensic Softwares
Computer Forensic Softwares
Dhruv Seth
 

What's hot (20)

File000163
File000163File000163
File000163
 
File000114
File000114File000114
File000114
 
File000113
File000113File000113
File000113
 
File000154
File000154File000154
File000154
 
File000117
File000117File000117
File000117
 
File000119
File000119File000119
File000119
 
File000146
File000146File000146
File000146
 
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays World
 
Ce hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handlingCe hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handling
 
Lect 1 computer forensics
Lect 1 computer forensicsLect 1 computer forensics
Lect 1 computer forensics
 
CS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IVCS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IV
 
Chap 1 general introduction to computer forensics
Chap 1 general introduction to computer forensicsChap 1 general introduction to computer forensics
Chap 1 general introduction to computer forensics
 
Lect 6 computer forensics
Lect 6 computer forensicsLect 6 computer forensics
Lect 6 computer forensics
 
Chap 2 computer forensics investigation
Chap 2 computer forensics investigationChap 2 computer forensics investigation
Chap 2 computer forensics investigation
 
CS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT VCS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT V
 
CYBERFORENSICS
CYBERFORENSICSCYBERFORENSICS
CYBERFORENSICS
 
Lect 3 Computer Forensics
Lect 3 Computer ForensicsLect 3 Computer Forensics
Lect 3 Computer Forensics
 
Mobile Telephone & Communication Evidence
Mobile Telephone & Communication EvidenceMobile Telephone & Communication Evidence
Mobile Telephone & Communication Evidence
 
Reduce Lab Backlog with Mobile Data Forensic Previews
Reduce Lab Backlog with Mobile Data Forensic PreviewsReduce Lab Backlog with Mobile Data Forensic Previews
Reduce Lab Backlog with Mobile Data Forensic Previews
 
Computer Forensic Softwares
Computer Forensic SoftwaresComputer Forensic Softwares
Computer Forensic Softwares
 

Viewers also liked

File000161
File000161File000161
File000161
Desmond Devendran
 
File000145
File000145File000145
File000145
Desmond Devendran
 
File000142
File000142File000142
File000142
Desmond Devendran
 
File000169
File000169File000169
File000169
Desmond Devendran
 
File000136
File000136File000136
File000136
Desmond Devendran
 
File000128
File000128File000128
File000128
Desmond Devendran
 
File000149
File000149File000149
File000149
Desmond Devendran
 
File000175
File000175File000175
File000175
Desmond Devendran
 
File000139
File000139File000139
File000139
Desmond Devendran
 
File000165
File000165File000165
File000165
Desmond Devendran
 
File000171
File000171File000171
File000171
Desmond Devendran
 
File000148
File000148File000148
File000148
Desmond Devendran
 
Investigating server logs
Investigating server logsInvestigating server logs
Investigating server logs
Animesh Shaw
 
File000122
File000122File000122
File000122
Desmond Devendran
 
File000121
File000121File000121
File000121
Desmond Devendran
 
File000157
File000157File000157
File000157
Desmond Devendran
 
[Gerard blokdijk, claire_engle,_jackie_brewster]_i(book_see.org) (1)
[Gerard blokdijk, claire_engle,_jackie_brewster]_i(book_see.org) (1)[Gerard blokdijk, claire_engle,_jackie_brewster]_i(book_see.org) (1)
[Gerard blokdijk, claire_engle,_jackie_brewster]_i(book_see.org) (1)
Desmond Devendran
 
File000141
File000141File000141
File000141
Desmond Devendran
 
File000150
File000150File000150
File000150
Desmond Devendran
 
File000135
File000135File000135
File000135
Desmond Devendran
 

Viewers also liked (20)

File000161
File000161File000161
File000161
 
File000145
File000145File000145
File000145
 
File000142
File000142File000142
File000142
 
File000169
File000169File000169
File000169
 
File000136
File000136File000136
File000136
 
File000128
File000128File000128
File000128
 
File000149
File000149File000149
File000149
 
File000175
File000175File000175
File000175
 
File000139
File000139File000139
File000139
 
File000165
File000165File000165
File000165
 
File000171
File000171File000171
File000171
 
File000148
File000148File000148
File000148
 
Investigating server logs
Investigating server logsInvestigating server logs
Investigating server logs
 
File000122
File000122File000122
File000122
 
File000121
File000121File000121
File000121
 
File000157
File000157File000157
File000157
 
[Gerard blokdijk, claire_engle,_jackie_brewster]_i(book_see.org) (1)
[Gerard blokdijk, claire_engle,_jackie_brewster]_i(book_see.org) (1)[Gerard blokdijk, claire_engle,_jackie_brewster]_i(book_see.org) (1)
[Gerard blokdijk, claire_engle,_jackie_brewster]_i(book_see.org) (1)
 
File000141
File000141File000141
File000141
 
File000150
File000150File000150
File000150
 
File000135
File000135File000135
File000135
 

Similar to File000164

Expert Witness Testimony
Expert Witness TestimonyExpert Witness Testimony
Expert Witness Testimony
Ketan Patil
 
Lecture 5_ Experts _ the Justice System – Prt 2.pdf
Lecture 5_ Experts _ the Justice System – Prt 2.pdfLecture 5_ Experts _ the Justice System – Prt 2.pdf
Lecture 5_ Experts _ the Justice System – Prt 2.pdf
Alhattalizo
 
File000115
File000115File000115
File000115
Desmond Devendran
 
Digital emerging trends in computer engineering Evidences.pptx
Digital emerging trends in computer engineering Evidences.pptxDigital emerging trends in computer engineering Evidences.pptx
Digital emerging trends in computer engineering Evidences.pptx
ShubhamKadam807802
 
Digital emerging trends in computer engineering Evidences.pptx
Digital emerging trends in computer engineering Evidences.pptxDigital emerging trends in computer engineering Evidences.pptx
Digital emerging trends in computer engineering Evidences.pptx
ShubhamKadam807802
 
Daubert and Frye Law.pptx
Daubert and Frye Law.pptxDaubert and Frye Law.pptx
Daubert and Frye Law.pptx
ApurbaDas50
 
Lessons learned from the Aged Care Royal Commission Interim Report
Lessons learned from the Aged Care Royal Commission Interim Report Lessons learned from the Aged Care Royal Commission Interim Report
Lessons learned from the Aged Care Royal Commission Interim Report
JFM LAW
 
Lect 2 computer forensics
Lect 2 computer forensicsLect 2 computer forensics
Lect 2 computer forensics
Kabul Education University
 
Forensic Engineering 09
Forensic Engineering 09Forensic Engineering 09
Forensic Engineering 09
DJS Assocites & Cowan Associates
 
Who is an expert
Who is an expertWho is an expert
Who is an expert
n|u - The Open Security Community
 
Preparing to Testify About Mobile Device Evidence
Preparing to Testify About Mobile Device EvidencePreparing to Testify About Mobile Device Evidence
Preparing to Testify About Mobile Device Evidence
Cellebrite
 
Witness Familiarisation Brochure. 231116
Witness Familiarisation Brochure. 231116Witness Familiarisation Brochure. 231116
Witness Familiarisation Brochure. 231116
Alex Clements
 
Ethically Litigating Forensic Science Cases: Daubert, Dna and Beyond
Ethically Litigating Forensic Science Cases: Daubert, Dna and BeyondEthically Litigating Forensic Science Cases: Daubert, Dna and Beyond
Ethically Litigating Forensic Science Cases: Daubert, Dna and Beyond
Adam Tebrugge
 
Disconnecting the wiredwifidjuror (2)
Disconnecting the wiredwifidjuror (2)Disconnecting the wiredwifidjuror (2)
Disconnecting the wiredwifidjuror (2)
stevejudge123
 
Disconnecting the wiredwifidjuror (2)
Disconnecting the wiredwifidjuror (2)Disconnecting the wiredwifidjuror (2)
Disconnecting the wiredwifidjuror (2)
stevejudge123
 
The Expert's Role In Developing And Proving The Case
The Expert's Role In Developing And Proving The CaseThe Expert's Role In Developing And Proving The Case
The Expert's Role In Developing And Proving The Case
eratinoff
 
Ethical Issues in eDiscovery - Lessons from Qualcomm
Ethical Issues in eDiscovery - Lessons from QualcommEthical Issues in eDiscovery - Lessons from Qualcomm
Ethical Issues in eDiscovery - Lessons from Qualcomm
Klemchuk LLP
 
Lect 4 computer forensics
Lect 4 computer forensicsLect 4 computer forensics
Lect 4 computer forensics
Kabul Education University
 
Lecture 4_ Experts _ the Justice System – Prt 1 .pdf
Lecture 4_ Experts _ the Justice System – Prt 1 .pdfLecture 4_ Experts _ the Justice System – Prt 1 .pdf
Lecture 4_ Experts _ the Justice System – Prt 1 .pdf
Alhattalizo
 
U402 Part B civil procedures and the jury system
U402 Part B civil procedures and the jury system U402 Part B civil procedures and the jury system
U402 Part B civil procedures and the jury system
Crystal Delosa
 

Similar to File000164 (20)

Expert Witness Testimony
Expert Witness TestimonyExpert Witness Testimony
Expert Witness Testimony
 
Lecture 5_ Experts _ the Justice System – Prt 2.pdf
Lecture 5_ Experts _ the Justice System – Prt 2.pdfLecture 5_ Experts _ the Justice System – Prt 2.pdf
Lecture 5_ Experts _ the Justice System – Prt 2.pdf
 
File000115
File000115File000115
File000115
 
Digital emerging trends in computer engineering Evidences.pptx
Digital emerging trends in computer engineering Evidences.pptxDigital emerging trends in computer engineering Evidences.pptx
Digital emerging trends in computer engineering Evidences.pptx
 
Digital emerging trends in computer engineering Evidences.pptx
Digital emerging trends in computer engineering Evidences.pptxDigital emerging trends in computer engineering Evidences.pptx
Digital emerging trends in computer engineering Evidences.pptx
 
Daubert and Frye Law.pptx
Daubert and Frye Law.pptxDaubert and Frye Law.pptx
Daubert and Frye Law.pptx
 
Lessons learned from the Aged Care Royal Commission Interim Report
Lessons learned from the Aged Care Royal Commission Interim Report Lessons learned from the Aged Care Royal Commission Interim Report
Lessons learned from the Aged Care Royal Commission Interim Report
 
Lect 2 computer forensics
Lect 2 computer forensicsLect 2 computer forensics
Lect 2 computer forensics
 
Forensic Engineering 09
Forensic Engineering 09Forensic Engineering 09
Forensic Engineering 09
 
Who is an expert
Who is an expertWho is an expert
Who is an expert
 
Preparing to Testify About Mobile Device Evidence
Preparing to Testify About Mobile Device EvidencePreparing to Testify About Mobile Device Evidence
Preparing to Testify About Mobile Device Evidence
 
Witness Familiarisation Brochure. 231116
Witness Familiarisation Brochure. 231116Witness Familiarisation Brochure. 231116
Witness Familiarisation Brochure. 231116
 
Ethically Litigating Forensic Science Cases: Daubert, Dna and Beyond
Ethically Litigating Forensic Science Cases: Daubert, Dna and BeyondEthically Litigating Forensic Science Cases: Daubert, Dna and Beyond
Ethically Litigating Forensic Science Cases: Daubert, Dna and Beyond
 
Disconnecting the wiredwifidjuror (2)
Disconnecting the wiredwifidjuror (2)Disconnecting the wiredwifidjuror (2)
Disconnecting the wiredwifidjuror (2)
 
Disconnecting the wiredwifidjuror (2)
Disconnecting the wiredwifidjuror (2)Disconnecting the wiredwifidjuror (2)
Disconnecting the wiredwifidjuror (2)
 
The Expert's Role In Developing And Proving The Case
The Expert's Role In Developing And Proving The CaseThe Expert's Role In Developing And Proving The Case
The Expert's Role In Developing And Proving The Case
 
Ethical Issues in eDiscovery - Lessons from Qualcomm
Ethical Issues in eDiscovery - Lessons from QualcommEthical Issues in eDiscovery - Lessons from Qualcomm
Ethical Issues in eDiscovery - Lessons from Qualcomm
 
Lect 4 computer forensics
Lect 4 computer forensicsLect 4 computer forensics
Lect 4 computer forensics
 
Lecture 4_ Experts _ the Justice System – Prt 1 .pdf
Lecture 4_ Experts _ the Justice System – Prt 1 .pdfLecture 4_ Experts _ the Justice System – Prt 1 .pdf
Lecture 4_ Experts _ the Justice System – Prt 1 .pdf
 
U402 Part B civil procedures and the jury system
U402 Part B civil procedures and the jury system U402 Part B civil procedures and the jury system
U402 Part B civil procedures and the jury system
 

More from Desmond Devendran

Siam key-facts
Siam key-factsSiam key-facts
Siam key-facts
Desmond Devendran
 
Siam foundation-process-guides
Siam foundation-process-guidesSiam foundation-process-guides
Siam foundation-process-guides
Desmond Devendran
 
Siam foundation-body-of-knowledge
Siam foundation-body-of-knowledgeSiam foundation-body-of-knowledge
Siam foundation-body-of-knowledge
Desmond Devendran
 
Enterprise service-management-essentials
Enterprise service-management-essentialsEnterprise service-management-essentials
Enterprise service-management-essentials
Desmond Devendran
 
Service Integration and Management
Service Integration and Management Service Integration and Management
Service Integration and Management
Desmond Devendran
 
Diagram of iso_22301_implementation_process_en
Diagram of iso_22301_implementation_process_enDiagram of iso_22301_implementation_process_en
Diagram of iso_22301_implementation_process_en
Desmond Devendran
 
CHFI 1
CHFI 1CHFI 1
CHFI 1
Desmond Devendran
 
File000174
File000174File000174
File000174
Desmond Devendran
 
File000173
File000173File000173
File000173
Desmond Devendran
 
File000170
File000170File000170
File000170
Desmond Devendran
 
File000162
File000162File000162
File000162
Desmond Devendran
 
File000160
File000160File000160
File000160
Desmond Devendran
 
File000159
File000159File000159
File000159
Desmond Devendran
 
File000158
File000158File000158
File000158
Desmond Devendran
 
File000156
File000156File000156
File000156
Desmond Devendran
 
File000155
File000155File000155
File000155
Desmond Devendran
 
File000153
File000153File000153
File000153
Desmond Devendran
 

More from Desmond Devendran (17)

Siam key-facts
Siam key-factsSiam key-facts
Siam key-facts
 
Siam foundation-process-guides
Siam foundation-process-guidesSiam foundation-process-guides
Siam foundation-process-guides
 
Siam foundation-body-of-knowledge
Siam foundation-body-of-knowledgeSiam foundation-body-of-knowledge
Siam foundation-body-of-knowledge
 
Enterprise service-management-essentials
Enterprise service-management-essentialsEnterprise service-management-essentials
Enterprise service-management-essentials
 
Service Integration and Management
Service Integration and Management Service Integration and Management
Service Integration and Management
 
Diagram of iso_22301_implementation_process_en
Diagram of iso_22301_implementation_process_enDiagram of iso_22301_implementation_process_en
Diagram of iso_22301_implementation_process_en
 
CHFI 1
CHFI 1CHFI 1
CHFI 1
 
File000174
File000174File000174
File000174
 
File000173
File000173File000173
File000173
 
File000170
File000170File000170
File000170
 
File000162
File000162File000162
File000162
 
File000160
File000160File000160
File000160
 
File000159
File000159File000159
File000159
 
File000158
File000158File000158
File000158
 
File000156
File000156File000156
File000156
 
File000155
File000155File000155
File000155
 
File000153
File000153File000153
File000153
 

Recently uploaded

Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
SitimaJohn
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
jpupo2018
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Postman
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 

Recently uploaded (20)

Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 

File000164

  • 1. Module LI - Becoming an Expert Witness
  • 2. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited News: The Prosecution of Julie Amero Source: http://www.reason.com
  • 3. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Scenario Bobo, Raymond E. Wells Junior High School teacher was alleged that she had sex with a male student. Shue, the attorney called Sgt. Adam Holland, a computer forensics expert with the Fort Smith Police Department as a rebuttal witness and asked him to explain the testimony of the activity that occurred on Bobo’s computer the day the computer was seized. The defense suggested that someone tampered with the computer. Holland said the activity was caused by programs that run automatically, including a weather program. If someone had turned the computer back on after police disconnected it, there would have been evidence of that, but there was none.
  • 4. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Objective • What is an expert witness? • Role of an expert witness • Types of expert witnesses • Preparing for a testimony • Rules pertaining to an expert witness’ qualification • Testifying in the court • Testifying during direct and cross-examination • Deposition • Dealing with media This module will familiarize you with:
  • 5. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Flow What is an Expert Witness? Role of an expert witness Types of expert witnesses Testifying in the court Rules pertaining to an expert witness’ qualification Preparing for Testimony Testifying during Direct and Cross-examination Deposition Dealing with media
  • 6. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited What is an Expert Witness “An expert witness is a witness, who by virtue of education, profession, or experience, is believed to have special knowledge of his/her subject beyond that of the average person, sufficient that others legally depend upon his/her opinion”
  • 7. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Role of an Expert Witness • Evaluates the evidence • Assists plaintiff’s or defendant’s lawyers to establish facts, assess the merits, and help in the preparation of a case, including the initial decision whether to start a litigation or not • Testifies in court • Assists the court in understanding intricate technical evidence • Helps the attorney to get to the truth • Truthfully, objectively, and fully express his or her expert opinion, without regard to any views or influence • Conducts investigations on behalf of the court and reports the findings back to the court • Participates in court-appointed expert witness conferences to study any intriguing incident • Educates the public and the court An expert witness is a person who:
  • 8. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited What Makes a Good Expert Witness? Good experts can talk to the jurors in a way that shows they have confidence in their case and they are sincere, without seeming like an advocate Experts need to change the complicated material into understandable material so that the lay audience can understand easily Observe jurors to identify the level of interest, make a note of which juror is sleeping and uninterested Avoid overextending opinions Develop repetition into details and descriptions for the jury Augment your image with the jury by following a formal dress code
  • 9. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Types of Expert Witnesses Computer Forensics Experts Medical & Psychological Experts Civil Litigation Experts Construction & Architecture Experts Criminal Litigation Experts
  • 10. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Computer Forensics Experts Computer Forensics’ experts locate and recover information through electronic discovery, while protecting the evidentiary quality of findings Their opinions are required to interpret the evidence produced before the court for both legal teams and jurors • Computer forensics • Email systems • Financial Systems • Credit Card Processing Systems • Airline Reservation Systems Computer forensics expert should have knowledge about:
  • 11. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Role of Computer Forensics Expert Examines personal computers Examines emails Determines date, time, and author of certain files Testifies witnesses, defendants, or prosecution Examines all the case documentation Prepares a report for submission to the lawyers or jury Helps the court in understanding the report which relates to the case Reviews all the files Decrypts the encrypted files Opens the password protected files Finds the deleted files if any
  • 12. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Medical & Psychological Experts • Physical injury • Subjective tenderness described by the victim • Stains or substances found on the victim's body Findings documented during forensic medical examination include: Medical professionals such as physicians, physicians' assistants, and nurses describe the process of examining the victim and physical findings that were observed and explained
  • 13. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Civil Litigation Experts Civil litigation experts explain the process for collecting and analyzing evidence to jurors They explain the realities of the process and correct false assumptions regarding crime scene evidence
  • 14. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Construction & Architecture Experts • Expert witness testimony • Pretrial assessment • Claims • Accident Investigations • Construction defects • Estimating and analyzing the schedule of construction Practice of construction and architecture experts include:
  • 15. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Criminal Litigation Experts • They are generally accessible and cooperative • They will not expect to be paid for their services Advantages of using a victim advocate: • Sometimes testimony may be tarnished with cross- examination regarding the reputation of the individual and/or the rape crisis agency Disadvantages of using a victim advocate: Victim advocates are frequently asked to testify in cases involving a sexual attack They are qualified by the court to address the behavior of the defendant or characteristics of crime
  • 16. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Scope of Expert Witness Testimony • Alcohol intoxication • Automobile and airplane crashes • Ballistics • Bite mark analysis • Blood grouping tests and blood spatter analysis • DNA (Deoxyribonucleic Acid) TESTS • Document examination • Drug courier profiling and profiling in general • Speed detection readings – radar • Physical and mental condition • Eyewitness identification The scope of the expert witness testimony includes the following areas of expertise:
  • 17. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Scope of Expert Witness Testimony (cont’d) • Fingerprint identification • Firearms identification • Forensic anthropology • Forensic biology • Forensic engineering • Forensic odontology • Voice print analysis • Truth serum results • Toxicology • Toxicology • Sketch artist • Photography The scope of the expert witness testimony includes the following areas of expertise:
  • 18. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Technical Witness vs. Expert Witness • Does the actual fieldwork • Submits only the results of his findings • Does not offer a view in court • Provides facts found in investigation • Prepares testimony • Does not offer conclusions A technical witness is an individual who: • Has absolute field knowledge • Offers a view in court • Has opinions based on observations • Works for the attorney An expert witness is an individual who:
  • 19. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Preparing for Testimony • Go through the document thoroughly • Establish early communication with the attorney • Determine the basic facts of the case before beginning and examining the evidence • Substantiate the findings: • With documentation • By collaborating with other computer forensic professionals • Detect conflict of interest • Avoid conflicting out practice While preparing for testimony:
  • 20. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Evidence Preparation and Documentation Document every important aspect in the case during investigations Safeguard the integrity of all gathered evidence Catalog and index is easy to understand Use professional experience and request peer reviews to support the findings
  • 21. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Evidence Processing Steps Examine, preserve, monitor, and authenticate the documentation Create different checklists for different evidence analysis Avoid personal comments or ideas in these notations Note any successful output Validate evidence using hash algorithms Search for keywords using well-defined parameters • List relevant evidence on the report Make simple and precise notes of the investigation
  • 22. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Evidence Processing Steps (cont’d) • To prove them repeatable Document the steps Collect the evidence and document employed tools Preserve the evidence Maintain the chain of custody Collect the right information
  • 23. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Checklists for Processing Evidence Use Digital Signatures to find the evidence Use SHA-1 for evidence validation • MD5 or CRC32 can be used if SHA-1 is absent • An MD5 or SHA-1 hash check before and after evidence examination would ensure the integrity of the evidence Use well-defined search parameters while searching for key results, which • Helps in narrowing the search • Avoids false hits While writing the report, list only the evidence findings that are relevant to the case • Never use formal checklist • Do not include checklist in the final report • Opposing attorneys can challenge them
  • 24. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Examining Computer Evidence Examine e-mails Review all the files Decrypt the encrypted files Open password protected files Determine date, time, and author of certain files Find the deleted files if any
  • 25. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Prepare the Report Ask the legal representative to list the document that should be expressed in the expert report Write a statement that should be related to all opinions and the basis and reasons for those opinions Document the data and information considered in making the opinions List the evidence used as summary or support for the opinions List of cases in which you have provided evidence as an expert at examination
  • 26. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Evidence Presentation Identify evidence to defend opinion Reaffirm your opinion Never exaggerate opinions Be prepared to defend your opinion Recall definitions Gather information about the opposing attorney and expert Do not talk with anybody during court recess
  • 27. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Rules Pertaining to an Expert Witness’ Qualification • Four years of previous testimony (indicates experience) • Ten years of any published literature • Previous payment received when giving testimony According to USA federal rules, to be present as an expert witness in a court, following information must be furnished:
  • 28. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Rules Pertaining to an Expert Witness’ Qualification (cont’d) Do not record conversations or telephone calls Learn about all other people involved and basic points in dispute Define analysis procedures Do not keep secrets from the client's legal team Do not agree to testify on subject matters for which you are not an expert or on which you do not believe Never exaggerate or fudge details, stick with the facts in evidence Do not be intimidated by the process
  • 29. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Rules Pertaining to an Expert Witness’ Qualification (cont’d) Do not write, FAX, e-mail, or communicate in any other way, unless explicitly instructed to do so Do not do research and analysis you have not been asked to do and respect the guidelines imposed by the client's legal team Do not ever permit compensation to be tied to the outcome of the litigation Do not let the client's legal team form opinions, if they insist, resign from the case Never compromise integrity for any reason or any way
  • 30. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Daubert Standard The Daubert standard is a legal precedent set in 1993 by the Supreme Court of the United States regarding the admissibility of expert witnesses' testimony during federal legal proceedings In order to reject the presentation of unqualified evidence to the jury, the Daubert motion takes place before or during trail Trial judges make a decision whether the evidence is both relevant and reliable Expert’s evidence can be decided based on the facts of the case The expert should derive his or her conclusions from scientific method in order to consider the evidence reliable
  • 31. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Frye Standard Frye standard is a legal precedent regarding the admissibility of scientific examinations or experiments in legal cases To meet the Frye standard, scientific evidence submitted in the court should be accepted as an important part of the associated scientific community It can be applied to procedures, principles, and analysis presented in the court case In this standard, supporters of a particular scientific issue should provide a number of experts to speak about the science behind the issue in question It is not an appropriate test for voice identification evidence
  • 32. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Importance of Resume • Certifications/credentials/accomplishments • Recent work as an expert witness or testimony log • Expertise • List of books written, if any • Any training undergone • Referrals and contacts • List basic and advance skills The following things must be kept in mind while preparing a resume: Resume shows the capability of an expert witness Update the resume regularly
  • 33. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Testifying in the Court Familiarize with the usual procedures that are followed during a trial The attorney introduces the expert witness with high regards The opposing counsel may try to discredit the expert witness The attorney would lead the expert witness through the evidence Later, it is followed by the cross examination with the opposing counsel
  • 34. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited The Order of Trial Proceedings • Objections to particular testimonies are written in the form of lists • Allows judge to examine whether certain evidence should be admitted in the absence of the jury Motion in beginning: • Offers an outline of the case Opening the Statement: • The attorney and the opposing counsel presents the case Plaintiff and defendant:
  • 35. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited The Order of Trial Proceedings (cont’d) • Cross examination by both plaintiff and defendant Rebuttal session • Proposed by the counsel • Approved and read by the judge to the jury Jury orders • Statements that organize the evidence and the law Closing arguments
  • 36. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited General Ethics while Testifying • Be professional, polite, and sincere in testimony • Always pay tribute to the jury • Be enthusiastic during testimony • Keep the jury interested in speech • Be aware and prepare for the possible rebuttal questions especially from the opposing counsel • Show an open physical and psychological attitude to the Jurors • It is more important to maintain visual control in the courtroom • Maintain a steady body expression with balanced stance without revealing any nervousness • Avoid leanings • Develop self confidence and create personal space for winning professional style in the courtroom Ethics to be followed while presenting as an expert witness to any court or an attorney:
  • 37. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Importance of Graphics in a Testimony Use clear and easily understandable graphical demonstrations Make graphical demonstrations such as charts • To illustrate and elucidate your findings Make sure the graphics are seen by the jury Face the jury while exhibiting these graphics Make it a habit of using charts and tables for courtroom testimony
  • 38. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Helping your Attorney • Enable the attorney to get the expert’s testimony into the trial • Provide a practice in the testimony for direct examination • Help the attorney to review and improve on how he or she wants to try the case Prepare a list of questions that are important • Communicate the message to the jury Develop a script and work with the attorney to get the perfect language
  • 39. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Avoiding Testimony Issues Offer clear opinions Outline your boundaries of knowledge and ethics Create a case outline and summary for the attorney, which • Enables reviewing of the case plan • Offers a clear overview of the level of knowledge used in the case Make the best effort to coordinate testimony with other experts, who are retained by your attorney for the same case Meet with the paralegal to communicate necessary information to your attorney • Paralegal is a person with special training in either a specific or general area of law
  • 40. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Testifying during Direct Examination Direct examination is an important part of a testimony during a trial that offers a clear overview of all the findings Create an easy-to-follow and systematic plan for describing evidence collection methods Be lucid while describing complicated concepts Determine the speech to the education level of the jury
  • 41. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Testifying during Direct Examination (cont’d) • Allows you to maintain control over the opposing counsel Turn towards the jury slowly while giving your response, which The opposing counsel has the opportunity to ask questions about the expert witness’ testimony and evidence Do not offer guesses when asked something irrelevant to the case Use your own words and phrases when answering the opposing counsel Speak slowly as the best offense to problematic questions is to be patient with answers
  • 42. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Testifying during Cross-Examination (cont’d) • Be prepared for challenging pre-constructed questions • Be prepared for rapid-fire questions • Be prepared for nested questions • Some questions cause conflicting answers • Attorneys make speeches and phrase them as questions • Be patient • Keep vigorous conduct and use energetic speech • Avoid feeling stressed and losing control • State background and qualifications • Balance the language • Practice testifying • Be fair • Avoid ambiguity Recommendations and practices:
  • 43. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Deposing • Both attorneys are present • No jury or judge • Opposing counsel asks questions Deposing differs from a trial as: • Enables opposing counsel to preview your testimony at trial Purpose of a Deposing The attorney fixes a location for the deposing
  • 44. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Recognizing Deposing Problems Discuss any problem before deposing to • Identify any negative aspect Be prepared to defend Avoid: • Omitting information • Having the attorney box into a corner • Contradictions Be professional and polite when giving opinions about opposite experts
  • 45. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Guidelines to Testify at a Deposing Convey a calm, relaxed, confident, and professional appearance during a deposition Do not get influenced by the opposing counsel’s tone or expression or tactics Use the opposing counsel’s name while responding him/her and reply confidently Maintain eye contact with the opposing counsel Keep your hands on the table and hold out your elbows which makes you appear more open and friendly Be professional and polite Use facts when describing the opinion Ask attorney questions for opposing the case
  • 46. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Dealing with Media • It is unpredictable what the journalists might publish • The comments might influence the case • It can create a record for future testimony, which can be used against you Avoid conversing with the media because: Avoid contact with media during a case Do not give opinions about the trial to media but simply refer to the attorney
  • 47. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Finding a Computer Forensic Expert Contact professional associations and gather the information of members Check with the non-commercial electronic evidence information centre which provides detailed information of the forensics experts • http://www.logicforce.com/ • http://www.htcia.org/ Some of the organizations which provide computer forensics expert services:
  • 48. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Learn more about “ Expert Witness” in the Movie “My Cousin Vinny”
  • 49. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Summary “An expert witness is a witness, who by virtue of education, profession or experience, is believed to have special knowledge of his subject beyond that of the average person, sufficient that others legally depend upon his opinion” Assists plaintiff’s or defendant’s lawyers to establish facts, assess the merits and help in the preparation of a case, including the initial decision whether to start a litigation or not Determine the basic concepts of the case before beginning and examining the process of evidence Direct examination is an important part of a testimony during a trial that offers a clear overview of all the findings
  • 50. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
  • 51. EC-Council Copyright Š by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited