Uploaded bysabtolinux
PPT, PDF362 views

Latihan4 comp-forensic-bab3

Computer forensic investigation involves collecting, examining, and analyzing digital evidence for legal cases or corporate inquiries. It includes developing policies and procedures for the computer forensic unit, such as case management and evidence handling. When investigating a potential company policy violation, the company must inform employees of relevant policies and enforce them to prevent wasted resources. Proper legal considerations are important before starting an investigation to ensure compliance with relevant statutes. A 10-step process for preparing for a computer forensic investigation includes securing relevant media, obtaining identifying information, maintaining a chain of custody, and creating search keywords.

Embed presentation

Download to read offline
Computer Investigation Process Presented By Sabto Prabowo
What is Computer Investigation Process? how to search for and collect evidence that can be used in a legal case or for a corporate inquiry, how to examine and analyze this evidence, and other matters related to forensic cases.
Policy and Procedure Development - A mission statement - The personnel requirements for the computer forensic unit - Administrative considerations - Submission and retrieval of computer forensic service requests - Implementation of case-management procedures - Handling of evidence - Development of case-processing procedures - Development of technical procedures
Investigating a Company Policy Violation Implementing and Enforcing Company Policy To effectively implement such policies, the company needs to inform each employee of the company policy. Employees who use company resources such as Internet or computer systems for personal use not only violate company policies but also waste resources, time, and money.
Before Starting the Investigation Legal Considerations Some important legal points an investigator should keep in mind are: • Ensuring the scope of the search • Checking for possible issues related to the federal statutes applicable (such as the Electronic Communications Privacy Act of 1986 [ECPA] and the Cable Communications Policy Act [CCPA], both as amended by the USA PATRIOT Act of 2001, and the Privacy Protection Act of 1980 [PPA]), state statutes, and local policies and laws
10 Steps to Prepare for a Computer Forensic Investigation 1. Do not turn the computer off or on, run any programs, or attempt to access data on the computer. An expert will have the appropriate tools and experience to prevent data overwriting, damage from static electricity, or other concerns. 2. Secure any relevant media—including hard drives, laptops, BlackBerrys, PDAs, cell phones, CDROMs, DVDs, USB drives, and MP3 players—the subject may have used. 3. Suspend automated document destruction and recycling policies that may pertain to any relevant media or users at the time of the issue.
10 Steps to Prepare for a Computer Forensic Investigation 4. Identify the type of data you are seeking, the information you are looking for, and the urgency level of the examination. 5. Once the machine is secured, obtain information about the machine, the peripherals, and the network to which it is connected. 6. If possible, obtain passwords to access encrypted or password-protected files. 7. Compile a list of names, e-mail addresses, and other identifying information about those with whom the subject might have communicated.
10 Steps to Prepare for a Computer Forensic Investigation 8. If the computer is accessed before the forensic expert is able to secure a mirror image, note the user(s) who accessed it, what files they accessed, and when the access occurred. If possible, find out why the computer was accessed. 9. Maintain a chain of custody for each piece of original media, indicating where the media has been, whose possession it has been in, and the reason for that possession. 10. Create a list of key words or phrases to use when searching for relevant data.
Collecting The Evidence - Obtaining a search warrant - Preparing for searched - Searches for warrant - Performing a Preliminary Assessment - Examining and Collecting Evidence - Acquiring the Subject Evidence - Methods of Collecting Evidence - Securing the Computer Evidence - Processing Location Assessment - Chain-of-Evidence Form
Examining the Digital Evidence - Understanding Bit-Stream Copies - Imaging - Making a Bit-Stream Copy Using MS-DOS - Acquiring a Bit-Stream Copy of a Floppy Disk Using Image - Making a Bit-Stream Copy of Evidence Using Image - Write Protection - Evidence Assessment
Examining the Digital Evidence - Evidence Examination - Analysis of Extracted Data - Time-Frame Analysis - Data-Hiding Analysis - Application and File Analysis - Ownership and Possession - Documenting and Reporting - The Final Report
THANKS FOR YOUR ATTENTION!

More Related Content

PPTX
computer forensics
byshivi123456
 
PDF
Computer Forensic
byNovizul Evendi
 
PPT
Codebits 2010
byTiago Henriques
 
PPTX
Computer forensics
byRamesh Ogania
 
PPTX
Lect 3 Computer Forensics
byKabul Education University
 
PDF
Computer forensic
bySinggih Prasetya
 
PPTX
computer forensics
byVaibhav Tapse
 
PPTX
cyber Forensics
byMuzzammil Wani
 
computer forensics
byshivi123456
 
Computer Forensic
byNovizul Evendi
 
Codebits 2010
byTiago Henriques
 
Computer forensics
byRamesh Ogania
 
Lect 3 Computer Forensics
byKabul Education University
 
Computer forensic
bySinggih Prasetya
 
computer forensics
byVaibhav Tapse
 
cyber Forensics
byMuzzammil Wani
 

What's hot

PDF
Computer Forensics: You can run but you can't hide
byAntonio Sanz Alcober
 
PPT
Computer Forensics
byNeilg42
 
PPTX
Computer forensics powerpoint presentation
bySomya Johri
 
PDF
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
PPTX
Lect 5 computer forensics
byKabul Education University
 
PPTX
Computer Forensics
byDaksh Verma
 
PDF
An introduction to cyber forensics and open source tools in cyber forensics
byZyxware Technologies
 
PPTX
Computer forensic
bybhavithd
 
PPTX
Cyber forensic-Evedidence collection tools
byN.Jagadish Kumar
 
PPTX
Digital&computforensic
byRahul Badekar
 
PPTX
Computer Forensics
byOne97 Communications Limited
 
PDF
CS6004 Cyber Forensics - UNIT IV
byArthyR3
 
DOCX
E discovery2
byelijaht
 
PPTX
Lect 6 computer forensics
byKabul Education University
 
PPTX
Digital investigation
byunnilala11
 
PPTX
Computer Forensics ppt
byOECLIB Odisha Electronics Control Library
 
PDF
Computer forensic
byibraheem ogundele
 
PPTX
Intro to cyber forensics
byChaitanya Dhareshwar
 
PPTX
Digital Forensics Workshop
byTim Fletcher
 
PPTX
Cyber forensic 1
byanilinvns
 
Computer Forensics: You can run but you can't hide
byAntonio Sanz Alcober
 
Computer Forensics
byNeilg42
 
Computer forensics powerpoint presentation
bySomya Johri
 
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
Lect 5 computer forensics
byKabul Education University
 
Computer Forensics
byDaksh Verma
 
An introduction to cyber forensics and open source tools in cyber forensics
byZyxware Technologies
 
Computer forensic
bybhavithd
 
Cyber forensic-Evedidence collection tools
byN.Jagadish Kumar
 
Digital&computforensic
byRahul Badekar
 
Computer Forensics
byOne97 Communications Limited
 
CS6004 Cyber Forensics - UNIT IV
byArthyR3
 
E discovery2
byelijaht
 
Lect 6 computer forensics
byKabul Education University
 
Digital investigation
byunnilala11
 
Computer Forensics ppt
byOECLIB Odisha Electronics Control Library
 
Computer forensic
byibraheem ogundele
 
Intro to cyber forensics
byChaitanya Dhareshwar
 
Digital Forensics Workshop
byTim Fletcher
 
Cyber forensic 1
byanilinvns
 

Viewers also liked

PDF
Uu kup-001-13-uu kup 2013-00 mobile
byFarah Nabilah
 
PPT
Latihan8 comp-forensic-bab5
bysabtolinux
 
PPT
Latihan2 comp-forensic
bysabtolinux
 
PPT
Kasus cybercrime
bysabtolinux
 
PPT
Latihan7 comp-forensic-bab6
bysabtolinux
 
PDF
BriMor Labs Live Response Collection
byBriMorLabs
 
PDF
Gummer BruCON0x07
byxgusix
 
PPT
Latihan9 comp-forensic-bab6
bysabtolinux
 
PDF
Building an enterprise forensics response service
bySeccuris Inc.
 
PPTX
Computer forensic 101 - OWASP Khartoum
byOWASP Khartoum
 
PPTX
Incident Response in the age of Nation State Cyber Attacks
byResilient Systems
 
Uu kup-001-13-uu kup 2013-00 mobile
byFarah Nabilah
 
Latihan8 comp-forensic-bab5
bysabtolinux
 
Latihan2 comp-forensic
bysabtolinux
 
Kasus cybercrime
bysabtolinux
 
Latihan7 comp-forensic-bab6
bysabtolinux
 
BriMor Labs Live Response Collection
byBriMorLabs
 
Gummer BruCON0x07
byxgusix
 
Latihan9 comp-forensic-bab6
bysabtolinux
 
Building an enterprise forensics response service
bySeccuris Inc.
 
Computer forensic 101 - OWASP Khartoum
byOWASP Khartoum
 
Incident Response in the age of Nation State Cyber Attacks
byResilient Systems
 

Similar to Latihan4 comp-forensic-bab3

PPT
Basics of Digital Forensics Techniques.ppt
byNaeemAijazYousfani
 
PPT
Chapter 2 - Understanding Computer Investigations.ppt
bykong100
 
PPT
CF.ppt
byKhusThakkar
 
PPTX
Computer forensics and its role
bySudeshna Basak
 
PDF
File000115
byDesmond Devendran
 
PPTX
Business Intelligence (BI) Tools For Computer Forensic
byDhiren Gala
 
PPT
Cyber forensics
bypranjal dutta
 
PPTX
PACE-IT, Security+ 2.4: Basic Forensic Procedures
byPace IT at Edmonds Community College
 
PDF
Computer forencis
byTeja Bheemanapally
 
PPT
Cyber forensic standard operating procedures
bySoumen Debgupta
 
PPT
Ch 3C Processing Crime and Incident Scenes.ppt
bywhbwi21Basri
 
PPTX
Analysis of digital evidence
byrakesh mishra
 
PPT
cyber forensics - TYPES OF CYBER FORENSICS.ppt
bymcjaya2024
 
PDF
Test Bank for Guide to Computer Forensics and Investigations, 5th Edition
bykaytibhurke
 
PPTX
Chap 2 computer forensics investigation
byMalobe Lottin Cyrille Marcel
 
PPT
Evidence Seizure Ctin Version Draft Sent To Sandy For Polishing
byCTIN
 
PPT
Evidence Seizure
byCTIN
 
PPTX
Chapter 3 cmp forensic
byshahhardik27
 
PPTX
Introduction of Computer Forensics123.pptx
bysurajdhapshi07
 
PPTX
computer-forensics-8727-OHvDvOm.pptx
byDaniyaHuzaifa
 
Basics of Digital Forensics Techniques.ppt
byNaeemAijazYousfani
 
Chapter 2 - Understanding Computer Investigations.ppt
bykong100
 
CF.ppt
byKhusThakkar
 
Computer forensics and its role
bySudeshna Basak
 
File000115
byDesmond Devendran
 
Business Intelligence (BI) Tools For Computer Forensic
byDhiren Gala
 
Cyber forensics
bypranjal dutta
 
PACE-IT, Security+ 2.4: Basic Forensic Procedures
byPace IT at Edmonds Community College
 
Computer forencis
byTeja Bheemanapally
 
Cyber forensic standard operating procedures
bySoumen Debgupta
 
Ch 3C Processing Crime and Incident Scenes.ppt
bywhbwi21Basri
 
Analysis of digital evidence
byrakesh mishra
 
cyber forensics - TYPES OF CYBER FORENSICS.ppt
bymcjaya2024
 
Test Bank for Guide to Computer Forensics and Investigations, 5th Edition
bykaytibhurke
 
Chap 2 computer forensics investigation
byMalobe Lottin Cyrille Marcel
 
Evidence Seizure Ctin Version Draft Sent To Sandy For Polishing
byCTIN
 
Evidence Seizure
byCTIN
 
Chapter 3 cmp forensic
byshahhardik27
 
Introduction of Computer Forensics123.pptx
bysurajdhapshi07
 
computer-forensics-8727-OHvDvOm.pptx
byDaniyaHuzaifa
 

More from sabtolinux

PPT
Latihan7 comp-forensic-bab6
bysabtolinux
 
PPT
Latihan6 comp-forensic-bab5
bysabtolinux
 
PPT
Latihan3 comp-forensic-bab2
bysabtolinux
 
PPT
Latihan1 comp-forensic
bysabtolinux
 
PPT
Latihan 1 computer forensic
bysabtolinux
 
PDF
Macam2 sertifikasi linux
bysabtolinux
 
Latihan7 comp-forensic-bab6
bysabtolinux
 
Latihan6 comp-forensic-bab5
bysabtolinux
 
Latihan3 comp-forensic-bab2
bysabtolinux
 
Latihan1 comp-forensic
bysabtolinux
 
Latihan 1 computer forensic
bysabtolinux
 
Macam2 sertifikasi linux
bysabtolinux
 

Recently uploaded

PDF
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
PDF
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
PDF
Designing a Blog Using Wordpress
bymarkzubi50
 
PDF
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
PPTX
NTG - Data Center Management System Software
byMustafa Kuğu
 
PDF
Website Redesign Vs Website Refresh, What’s Right for You in 2026?
byAnuj Kumar Singh
 
PDF
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
PDF
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
PPTX
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
PDF
What Is the Azure AI Foundry and Why Does It Matter for Enterprises?
byjohncarterjn
 
PDF
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
PDF
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
PDF
AI and Zero Trust: What it takes to do it right
byMark Simos
 
PDF
Real-Time AI Masterclass: Vector Search at Scale
byScyllaDB
 
PDF
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PDF
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
PDF
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
PPTX
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
PDF
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
Designing a Blog Using Wordpress
bymarkzubi50
 
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
NTG - Data Center Management System Software
byMustafa Kuğu
 
Website Redesign Vs Website Refresh, What’s Right for You in 2026?
byAnuj Kumar Singh
 
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
What Is the Azure AI Foundry and Why Does It Matter for Enterprises?
byjohncarterjn
 
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
AI and Zero Trust: What it takes to do it right
byMark Simos
 
Real-Time AI Masterclass: Vector Search at Scale
byScyllaDB
 
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 

Latihan4 comp-forensic-bab3

  • 1.
  • 2.
    What is ComputerInvestigation Process? how to search for and collect evidence that can be used in a legal case or for a corporate inquiry, how to examine and analyze this evidence, and other matters related to forensic cases.
  • 3.
    Policy and ProcedureDevelopment - A mission statement - The personnel requirements for the computer forensic unit - Administrative considerations - Submission and retrieval of computer forensic service requests - Implementation of case-management procedures - Handling of evidence - Development of case-processing procedures - Development of technical procedures
  • 4.
    Investigating a CompanyPolicy Violation Implementing and Enforcing Company Policy To effectively implement such policies, the company needs to inform each employee of the company policy. Employees who use company resources such as Internet or computer systems for personal use not only violate company policies but also waste resources, time, and money.
  • 5.
    Before Starting theInvestigation Legal Considerations Some important legal points an investigator should keep in mind are: • Ensuring the scope of the search • Checking for possible issues related to the federal statutes applicable (such as the Electronic Communications Privacy Act of 1986 [ECPA] and the Cable Communications Policy Act [CCPA], both as amended by the USA PATRIOT Act of 2001, and the Privacy Protection Act of 1980 [PPA]), state statutes, and local policies and laws
  • 6.
    10 Steps toPrepare for a Computer Forensic Investigation 1. Do not turn the computer off or on, run any programs, or attempt to access data on the computer. An expert will have the appropriate tools and experience to prevent data overwriting, damage from static electricity, or other concerns. 2. Secure any relevant media—including hard drives, laptops, BlackBerrys, PDAs, cell phones, CDROMs, DVDs, USB drives, and MP3 players—the subject may have used. 3. Suspend automated document destruction and recycling policies that may pertain to any relevant media or users at the time of the issue.
  • 7.
    10 Steps toPrepare for a Computer Forensic Investigation 4. Identify the type of data you are seeking, the information you are looking for, and the urgency level of the examination. 5. Once the machine is secured, obtain information about the machine, the peripherals, and the network to which it is connected. 6. If possible, obtain passwords to access encrypted or password-protected files. 7. Compile a list of names, e-mail addresses, and other identifying information about those with whom the subject might have communicated.
  • 8.
    10 Steps toPrepare for a Computer Forensic Investigation 8. If the computer is accessed before the forensic expert is able to secure a mirror image, note the user(s) who accessed it, what files they accessed, and when the access occurred. If possible, find out why the computer was accessed. 9. Maintain a chain of custody for each piece of original media, indicating where the media has been, whose possession it has been in, and the reason for that possession. 10. Create a list of key words or phrases to use when searching for relevant data.
  • 9.
    Collecting The Evidence -Obtaining a search warrant - Preparing for searched - Searches for warrant - Performing a Preliminary Assessment - Examining and Collecting Evidence - Acquiring the Subject Evidence - Methods of Collecting Evidence - Securing the Computer Evidence - Processing Location Assessment - Chain-of-Evidence Form
  • 10.
    Examining the DigitalEvidence - Understanding Bit-Stream Copies - Imaging - Making a Bit-Stream Copy Using MS-DOS - Acquiring a Bit-Stream Copy of a Floppy Disk Using Image - Making a Bit-Stream Copy of Evidence Using Image - Write Protection - Evidence Assessment
  • 11.
    Examining the DigitalEvidence - Evidence Examination - Analysis of Extracted Data - Time-Frame Analysis - Data-Hiding Analysis - Application and File Analysis - Ownership and Possession - Documenting and Reporting - The Final Report
  • 12.