Computer forensics is a very important branch of computer science in relation to computer and Internet related crimes. Earlier, computers were only used to produce data but now it has expanded to all devices related to digital data. The goal of Computer forensics is to perform crime investigations by using evidence from digital data to find who was the responsible for that particular crime.
For better research and investigation, developers have created many computer forensics tools. Police departments and investigation agencies select the tools based on various factors including budget and available experts on the team.
Computer forensics is a very important branch of computer science in relation to computer and Internet related crimes. Earlier, computers were only used to produce data but now it has expanded to all devices related to digital data. The goal of Computer forensics is to perform crime investigations by using evidence from digital data to find who was the responsible for that particular crime.
For better research and investigation, developers have created many computer forensics tools. Police departments and investigation agencies select the tools based on various factors including budget and available experts on the team.
The presentation is all about computer forensics. the process , the tools and its features and some example scenarios.. It will give you a great insight into the computer forensics
Digital forensics is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime. A Pilot study on methodology and complexity of digital forensics and how digital forensics can be applied in a live environment without the loss or spoilage of valuable data and evidence.
La sociedad cívica tiene algunas expectativas básicas: Gente e instituciones, incluyendo gobiernos, deben comportarse según las leyes y la ética de la sociedad. Sin embargo, hoy en día la tecnología presta capacidades inesperadas y no bien conocidas. Estas tecnologías pueden chocar con la ética y las leyes de la sociedad. En particular, en sociedades modernas hay la expectativa de la privacidad de individuos y organizaciones.
En esta charla examinamos varias tecnologías que en muchos casos contradicen nuestras expectativas en cuanto a la privacidad. Veamos bases de datos estadísticos donde consultas deberían guardar la privacidad de los datos de individuos y varias tecnologías que permiten el monitoreo de la ubicación o el comportamiento de una persona o de las comunicaciones de la misma. También examinamos problemas relacionados con el uso de criptografía y el uso de marcas de agua, entro varios. En muchos casos, la tecnología compromete la privacidad, en algunos casos, presta más privacidad que es deseable.
The presentation is all about computer forensics. the process , the tools and its features and some example scenarios.. It will give you a great insight into the computer forensics
Digital forensics is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime. A Pilot study on methodology and complexity of digital forensics and how digital forensics can be applied in a live environment without the loss or spoilage of valuable data and evidence.
La sociedad cívica tiene algunas expectativas básicas: Gente e instituciones, incluyendo gobiernos, deben comportarse según las leyes y la ética de la sociedad. Sin embargo, hoy en día la tecnología presta capacidades inesperadas y no bien conocidas. Estas tecnologías pueden chocar con la ética y las leyes de la sociedad. En particular, en sociedades modernas hay la expectativa de la privacidad de individuos y organizaciones.
En esta charla examinamos varias tecnologías que en muchos casos contradicen nuestras expectativas en cuanto a la privacidad. Veamos bases de datos estadísticos donde consultas deberían guardar la privacidad de los datos de individuos y varias tecnologías que permiten el monitoreo de la ubicación o el comportamiento de una persona o de las comunicaciones de la misma. También examinamos problemas relacionados con el uso de criptografía y el uso de marcas de agua, entro varios. En muchos casos, la tecnología compromete la privacidad, en algunos casos, presta más privacidad que es deseable.
Cyber crimes are increasing day by day, so as the cyber evidences at the crime scene.
To know more about the cyber evidence, go to the link given below-
https://youtu.be/2PBoOPU9e00
As our digital records are likely to be cyber-breached several times and/or we all have to deal with legal proceedings, learn how to use digital forensics experts efficiently.
Access Control : Defense Strategies and Techniques: Part II
Module I of Advanced System Security and Digital Forensics.Authentication Protocols & Category
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Democratizing Fuzzing at Scale by Abhishek Aryaabh.arya
Presented at NUS: Fuzzing and Software Security Summer School 2024
This keynote talks about the democratization of fuzzing at scale, highlighting the collaboration between open source communities, academia, and industry to advance the field of fuzzing. It delves into the history of fuzzing, the development of scalable fuzzing platforms, and the empowerment of community-driven research. The talk will further discuss recent advancements leveraging AI/ML and offer insights into the future evolution of the fuzzing landscape.
Automobile Management System Project Report.pdfKamal Acharya
The proposed project is developed to manage the automobile in the automobile dealer company. The main module in this project is login, automobile management, customer management, sales, complaints and reports. The first module is the login. The automobile showroom owner should login to the project for usage. The username and password are verified and if it is correct, next form opens. If the username and password are not correct, it shows the error message.
When a customer search for a automobile, if the automobile is available, they will be taken to a page that shows the details of the automobile including automobile name, automobile ID, quantity, price etc. “Automobile Management System” is useful for maintaining automobiles, customers effectively and hence helps for establishing good relation between customer and automobile organization. It contains various customized modules for effectively maintaining automobiles and stock information accurately and safely.
When the automobile is sold to the customer, stock will be reduced automatically. When a new purchase is made, stock will be increased automatically. While selecting automobiles for sale, the proposed software will automatically check for total number of available stock of that particular item, if the total stock of that particular item is less than 5, software will notify the user to purchase the particular item.
Also when the user tries to sale items which are not in stock, the system will prompt the user that the stock is not enough. Customers of this system can search for a automobile; can purchase a automobile easily by selecting fast. On the other hand the stock of automobiles can be maintained perfectly by the automobile shop manager overcoming the drawbacks of existing system.
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
CFD analysis is incredibly effective at solving mysteries and improving the performance of complex systems!
Here's a great example: At a large natural gas-fired power plant, where they use waste heat to generate steam and energy, they were puzzled that their boiler wasn't producing as much steam as expected.
R&R and Tetra Engineering Group Inc. were asked to solve the issue with reduced steam production.
An inspection had shown that a significant amount of hot flue gas was bypassing the boiler tubes, where the heat was supposed to be transferred.
R&R Consult conducted a CFD analysis, which revealed that 6.3% of the flue gas was bypassing the boiler tubes without transferring heat. The analysis also showed that the flue gas was instead being directed along the sides of the boiler and between the modules that were supposed to capture the heat. This was the cause of the reduced performance.
Based on our results, Tetra Engineering installed covering plates to reduce the bypass flow. This improved the boiler's performance and increased electricity production.
It is always satisfying when we can help solve complex challenges like this. Do your systems also need a check-up or optimization? Give us a call!
Work done in cooperation with James Malloy and David Moelling from Tetra Engineering.
More examples of our work https://www.r-r-consult.dk/en/cases-en/
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...Amil Baba Dawood bangali
Contact with Dawood Bhai Just call on +92322-6382012 and we'll help you. We'll solve all your problems within 12 to 24 hours and with 101% guarantee and with astrology systematic. If you want to take any personal or professional advice then also you can call us on +92322-6382012 , ONLINE LOVE PROBLEM & Other all types of Daily Life Problem's.Then CALL or WHATSAPP us on +92322-6382012 and Get all these problems solutions here by Amil Baba DAWOOD BANGALI
#vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore#blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #blackmagicforlove #blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #Amilbabainuk #amilbabainspain #amilbabaindubai #Amilbabainnorway #amilbabainkrachi #amilbabainlahore #amilbabaingujranwalan #amilbabainislamabad
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
Lecture #32: Digital Forensics : Evidence Handling, Validation and Reporting
1. Lecture #32: Digital Forensics : Evidence
Handling, Validation and Reporting
Dr.Ramchandra Mangrulkar
October 7, 2020
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 1 / 18
2. The principles of digital evidence
1 No action taken by law enforcement agencies, persons employed
within those agencies or their agents should change data which
may subsequently be relied upon in court.
2 In circumstances where a person finds it necessary to access
original data, that person must be competent to do so and be
able to give evidence explaining the relevance and the
implications of their actions.
3 An audit trail or other record of all processes applied to digital
evidence should be created and preserved. An independent third
party should be able to examine those processes and achieve the
same result.
4 The person in charge of the investigation has overall
responsibility for ensuring that the law and these principles are
adhered to.
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 2 / 18
3. The principles of digital evidence
1 No action taken by law enforcement agencies, persons employed
within those agencies or their agents should change data which
may subsequently be relied upon in court.
2 In circumstances where a person finds it necessary to access
original data, that person must be competent to do so and be
able to give evidence explaining the relevance and the
implications of their actions.
3 An audit trail or other record of all processes applied to digital
evidence should be created and preserved. An independent third
party should be able to examine those processes and achieve the
same result.
4 The person in charge of the investigation has overall
responsibility for ensuring that the law and these principles are
adhered to.
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 2 / 18
4. The principles of digital evidence
1 No action taken by law enforcement agencies, persons employed
within those agencies or their agents should change data which
may subsequently be relied upon in court.
2 In circumstances where a person finds it necessary to access
original data, that person must be competent to do so and be
able to give evidence explaining the relevance and the
implications of their actions.
3 An audit trail or other record of all processes applied to digital
evidence should be created and preserved. An independent third
party should be able to examine those processes and achieve the
same result.
4 The person in charge of the investigation has overall
responsibility for ensuring that the law and these principles are
adhered to.
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 2 / 18
5. The principles of digital evidence
1 No action taken by law enforcement agencies, persons employed
within those agencies or their agents should change data which
may subsequently be relied upon in court.
2 In circumstances where a person finds it necessary to access
original data, that person must be competent to do so and be
able to give evidence explaining the relevance and the
implications of their actions.
3 An audit trail or other record of all processes applied to digital
evidence should be created and preserved. An independent third
party should be able to examine those processes and achieve the
same result.
4 The person in charge of the investigation has overall
responsibility for ensuring that the law and these principles are
adhered to.
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 2 / 18
6. Evidence Collections
After securing the evidence, a survey of the scene will give
investigators an accurate sense of what’s ahead. Several questions
need to be answered
What kinds of devices are present?
How many devices are we dealing with?
Are any of the devices running?
What tools will be needed?
Do we have the necessary expertise on hand?
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 3 / 18
7. Evidence Collections
After securing the evidence, a survey of the scene will give
investigators an accurate sense of what’s ahead. Several questions
need to be answered
What kinds of devices are present?
How many devices are we dealing with?
Are any of the devices running?
What tools will be needed?
Do we have the necessary expertise on hand?
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 3 / 18
8. Evidence Collections
After securing the evidence, a survey of the scene will give
investigators an accurate sense of what’s ahead. Several questions
need to be answered
What kinds of devices are present?
How many devices are we dealing with?
Are any of the devices running?
What tools will be needed?
Do we have the necessary expertise on hand?
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 3 / 18
9. Evidence Collections
After securing the evidence, a survey of the scene will give
investigators an accurate sense of what’s ahead. Several questions
need to be answered
What kinds of devices are present?
How many devices are we dealing with?
Are any of the devices running?
What tools will be needed?
Do we have the necessary expertise on hand?
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 3 / 18
10. Evidence Collections
After securing the evidence, a survey of the scene will give
investigators an accurate sense of what’s ahead. Several questions
need to be answered
What kinds of devices are present?
How many devices are we dealing with?
Are any of the devices running?
What tools will be needed?
Do we have the necessary expertise on hand?
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 3 / 18
11. What to take along
1. Evidence Tape
2. Chain of custody form
3. Inventory forms
4. Digital camera
5. Toolkit ( Screw driver set with pentalobe Screwdriver for removing
HDDs from Mac laptops)
6. Adhesive tape, Sticky note
7. New/ wiped pen drives, hard drives
8. Gloves, static wrist band
9. Write blockers (e.g. ATA, SATA, SCSI, firewire, USB, e-sata,
SSD) with cables.
10. Hardware for Imaging (TD2U, Falcon, TrueImager) if available
11. Laptop with FTK (Crossover Tested)
12. Card readers
13. Magnifying glass, Flash Light
14. Faraday bag/Aluminium foil, Bubble wraps
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 4 / 18
12. Order of Volatility
CPU, cache, and register content
Routing table, ARP cache, process table, kernel statistics
Memory
Temporary file system/swap space
Data on hard disk
Remotely logged data
Data contained on archival media
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 5 / 18
13. Order of Volatility
CPU, cache, and register content
Routing table, ARP cache, process table, kernel statistics
Memory
Temporary file system/swap space
Data on hard disk
Remotely logged data
Data contained on archival media
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 5 / 18
14. Order of Volatility
CPU, cache, and register content
Routing table, ARP cache, process table, kernel statistics
Memory
Temporary file system/swap space
Data on hard disk
Remotely logged data
Data contained on archival media
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 5 / 18
15. Order of Volatility
CPU, cache, and register content
Routing table, ARP cache, process table, kernel statistics
Memory
Temporary file system/swap space
Data on hard disk
Remotely logged data
Data contained on archival media
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 5 / 18
16. Order of Volatility
CPU, cache, and register content
Routing table, ARP cache, process table, kernel statistics
Memory
Temporary file system/swap space
Data on hard disk
Remotely logged data
Data contained on archival media
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 5 / 18
17. Order of Volatility
CPU, cache, and register content
Routing table, ARP cache, process table, kernel statistics
Memory
Temporary file system/swap space
Data on hard disk
Remotely logged data
Data contained on archival media
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 5 / 18
18. Order of Volatility
CPU, cache, and register content
Routing table, ARP cache, process table, kernel statistics
Memory
Temporary file system/swap space
Data on hard disk
Remotely logged data
Data contained on archival media
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 5 / 18
19. Documenting the Scene
There is an old tried and true saying in law enforcement: “If you don’t
write it down, it didn’t happen.” These are words of wisdom indeed.
photographs
written notes
video
process begins the moment investigators arrive at the scene
noting the date and time
all the people at the scene
detailed descriptions of the evidence we collect
its location, the names of who discovered and collected it
item’s condition, especially if there is visible damage.
digital evidence is described by type, make, model, serial
number, or other similar descriptors.
device is on or off or if it’s connected to other devices (such as
printers) or a network (like the Internet).
Virtually everything we see, find, and do should be documented.
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 6 / 18
20. Evidence into Custody
Place the phone in special containers that shield the phone from
wireless signals. Empty paint cans and Faraday bags are two of the
more typical choices.
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 7 / 18
21. Protecting Cell Phones from Network Signals
It’s essential to isolate a live cell phone from the network. If not, it
can receive calls, text messages, or even commands to delete all the
data. A Faraday bag is one way to prevent a network signal from
reaching the phone. A Faraday bag is made of “some type of
conducting material or mesh” that repels these signals. 1
.
1
The function of the bag is based on the work of Michael Faraday, an English
scientist who specialized in electromagnetism (Microsoft Corporation)
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 8 / 18
22. Evidence Label Format
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 9 / 18
23. Evidence Labelling
The Basics of Digital Forensics: The Primer for Getting Started in
Digital Forensics
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 10 / 18
24. Chain of Custody
Before a piece of evidence gets in front of a jury, it must first meet a
series of strict legal requirements, well-documented called chain of
custody.
evidence makes many stops on its road to trial.
Each of these stops must be noted, tracking each and every time
the evidence item changes hands or locations
Without this detailed accounting, the evidence will be deemed
untrustworthy and inadmissible.
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 11 / 18
25. Chain of Custody
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 12 / 18
26. Chain of Custody : Marking Evidence
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 13 / 18
27. Chain of Custody :Cloning Evidence
A forensic clone is an exact, bit for bit copy of a hard drive. It’s
also known as a bit stream image. In other words, every bit (1 or
0) is duplicated on a separate, forensically clean piece of media,
such as a hard drive.
Hard drives are susceptible to failure. Having two clones gives
you one to examine and one to fall back on.
Forensically Clean Media : Drives can be cleaned with the same
devices used to make the clones. The cleaning process
overwrites the entire hard drive with a particular pattern of data
such as 1111111111111
Forensic Image Formats : The end result of the cloning process
is a forensic image of the source hard drive : EnCase (Extension
.E01) Raw dd (Extension .001) AccessData Custom Content
Image (Extension .AD1)
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 14 / 18
28. Evidence Validation: Hashing
How do we know our clone is an exact duplicate of the evidence
drive?
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 15 / 18
29. Evidence Validation: Hashing Example
How do we know our clone is an exact duplicate of the evidence
drive?
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 16 / 18
30. Final Report
Conclusion of the analysis, the examiner will generate a final
report detailing what was done, what was found, and their
findings.
Ideally, final reports need to be crafted with the intended
audience in mind.
Must be addressed wrt nontechnical reader’s such as judges,
attorneys and juries.
major forensic tools, such as EnCase and FTK
Final report should include a detailed narrative of all the actions
taken by the examiner, starting at the scene if they were present.
The examination should be documented with sufficient detail so
that the procedure can be duplicated by another examiner
Dr.Ramchandra Mangrulkar Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingOctober 7, 2020 17 / 18