
misngs2018 | Computer and Hacking Forensics | Module 2 - Investigative Process

By: misngs2018 | Related Course: Computer Hacking and Forensics | Published: February 15, 2018 | Modified: March 21, 2018

investigate process

laws 

18 USC 1361 malicious mischief

*18 USC 1029 Fraud access dev.

*18 USC 1030 Fraud computers

rule 402 Admissible evidence

rule 901 ID Authentication

rule 608 conduct of witness

rule 609 impeachment of evidence

rule 502 attorney-client priv.

rule 614 interrogation of witness

rule 701 opinion testimony

rule 705 disclosure of facts

rule 1002 REQ of orig

rule 1003 admissibility of duplicates 

1986 electronic comm privacy act (ECPA)

2001 USA patriot act

1980 privacy protection act

          cable comm policy act

PROCESS

access-acquire-analyze-management-report-court

PREPARATION 

Build Workstation: hardware-integrity-date&time-deleted files-removable media-analyze drive.

Build A team: roles&responsibilities-attorney-photographer-Incident Responder (IR)-analyzer-documenter-expert witness

PROCESS

1. Search warrant

    entire company- device

2. Secure the scene

    photograph-label-forms(date, type, volatile, 5-w’s)

3. Collect evidence

     media, cables, peripherals, trash

4. Secure evidence

    (chain, orig, mgmt)

5. Acquire data

    image integrity

    bit-by-bit

6. Analyze

    file systems-FTK-recovery software

7. Document&report

 


recovermyfile

recover my file

 

