This document discusses the requirements for setting up a computer forensic lab, including physical security, fire safety, evidence storage, and necessary equipment. It recommends that the lab have access to emergency services, proper lighting and ventilation. Workstations should be shielded from electromagnetic signals and the lab built in a low-traffic area. Evidence lockers must be securely stored and monitored. The lab also requires equipment like additional hard drives, tape drives, bandwidth, and an uninterruptible power supply. Forensic workstations need high-powered processors and storage for multiple operating systems and software tools.

1. Computer Forensic Lab
Presented by
Sabto Prabowo
4711010010

2. What is Computer Forensic Lab?
Its a lab/workshop who serve
requirements of a forensic and
what equipment is needed.

3. Physical Security Needs of a Forensic
Lab
●
Access to emergency services
●
Lighting at the site
●
Physical environment of the lab
●
Structural design of parking

4. Physical Security Recomendation For
A Lab
Basic Requirements
●
name of the visitor
●
date and time of the visit
●
purpose of the visit
●
name of the official the visitor has come to see
●
place the visitor has come from
●
address of the visitor

5. Physical Security Recomendation For
A Lab
Workstation Security
Workstations should be shielded from transmitting
electromagnetic signals. It is a known fact that
electronic equipment emits electromagnetic radiation.
There are certain pieces of equipment that can
intercept this radiation.

6. Fire Safety
Fire can be disastrous in a forensic lab. Any electrical
device can be a source of fire, though this does not
gen erally happen with computers. On a few
occasions, short circuits can also damage cables
These short circuits might even ignite flammable items
close by.

7. Evidence Locker Recommendation
The containers used to store evidence must be secured
so that unauthorized persons cannot access the
evidence. They should be located in a restricted area
that is only accessible to lab personnel. All evidence
containers must be monitored, and they must be
locked when not in use.

8. Checking Security of Forensic Lab
• Examine the ceiling, floor, and exterior walls of
the lab at least once a month to check for
structural integrity.
• Examine the doors to ensure they close and lock
correctly.
• Check if the locks are working properly or if they
need to be replaced.
• Examine the log register to make sure all entries
are correct and complete.
• Check the log sheets for evidence containers to
check when the containers were opened and

9. Work Area in Computer Security Lab
The forensic lab should be built in an area where human
traffic is light. An ideal lab consists of two forensic
workstations and one ordinary workstation with
Internet connectivity. The number of forensic
workstations varies according to the number of cases
and processes handled in the lab.

10. General Config of Conputer Security
Lab
●
Workstation
●
Uniterruptable Power Supply
●
Bookracks
●
Necessary Software
●
References Materials
●
Safe Locker and Storage shelf
●
LAN and Internet Connectivity

11. Equipment Required in a Forensic Lab
Common Needs
●
Cabinets
●
Printer and Scanner
●
Additional Hard Drives
●
Tape Drives

12. Equipment Required in a Forensic Lab
Communication Needs
●
Bandwidth
●
Dial-Up / Broadband Access
●
Local Network

13. Equipment Required in a Forensic Lab
Electrical Needs
●
Amperage
●
Emergency Power and Lighting
●
Electrical Outlets
●
Uniterruptable Power Supply

14. Basic Workstation Requirements in a
Forensic Lab
• Processor with high computing speed
• 256 MB RAM for satisfying minimum processing requirements
• DVD-ROM with read/write capabilities
• Motherboard that supports IDE, SCSI, and USB, with a slot for a
LAN/WAN card and a fan attached for cooling the processor
• Tape drive, USB drive, and removable drive bays
• Monitor, keyboard, and mouse
• Minimum of two hard drives for loading two different operating
systems, preferably Windows XP and Linux

15. Maintaining Operating System and
Application Inventories
●
Windows Vista, XP, 2003, and 2000 operating systems
●
Linux, Unix, and Mac OS X operating systems
●
Microsoft Office XP, 2007, 2003, 2000, 97, and 95
●
Quicken
●
Programming language applications such as Visual
Studio
●
Specialized viewers such as QuickView and ACDSee

16. Maintaining Operating System and
Application Inventories
●
Specialized viewers such as QuickView and ACDSee
●
Corel Office Suite
●
StarOffice/OpenOffice
●
Peachtree accounting applications
●
Older operating systems and applications such as MS-
DOS, Windows 3.11, and Novell for examining older
systems

17. Maintaining Operating System and
Application Inventories
●
Forensic software with advanced features and
functionalities, such as:
●
Bit-stream backup utilities
●
Password recovery tools
●
Recovery tools for deleted data
●
Partition recovery tools
●
Searching tools
●
Firewalls and intrusion detection systems
●
Updated antivirus software

18. Required Forensic Tools
●
Storage Bags
●
Remote Chargers
●
Write Block Protection Device
●
Data Acquisition Tools
●
Forensic Archives and Restore Devices
●
Mobile Forensic Laptops
●
Forensic Workstations
●
Imaging Workstations
●
Additional Software

19. Thank you so much