
Syama35 | Computer and Hacking Forensics | Module 2 - Investigative Process

By: Syama35 | Related Course: Computer Hacking and Forensics | Published: October 31, 2017 | Modified: October 31, 2017

Investigation Process

LAWS

18USC1361 – Malicious Mischief

18USC1029 – FRAUD ACCESS DEV.

18USC1030 – FRAUD COMPUTERS

RULE 402 – Admissible evidence

RULE 901 – ID & Authentication

RULE 608 – Conduct of witness

RULE 609 – Impeachment of evidence

RULE 502 – ATTORNEY CLIENT PRIV.

RULE 614 – INTERROGATION OF WITNESS

RULE 701 – OPINION TESTIMONY
RULE 705 – DISCLOSURE OF FACTS

RULE 1002 – REQ OF ORIG

RULE 1003 – ADMISSIBILITY OF DUPLICATES

1986 ELECTRONIC COMM PRIVACY ACT

2001 USA PATRIOT ACT

1980 PRIVACY PROTECTION ACT / CABLE COMMUNICATION ACT

 

PROCESS

1. ASSESS

2. ACQUIRE

3. ANALYSE

4. MANAGEMENT

5. REPORT

6. COURT

PREPARATION

1. Build workstation

– Hardware

-integrity

-date & time

-deleted files

-removable media

-analyse drive

2. Build a team

– roles and responsibilities

– Attorney – photographer

-IR – Analyser

-documenter

-Expert witness

 

PROCESS

1. search warrant

– entire company – devices

2. secure the scene

-photograph

-label

-form (date, type, volatile, 5 wh words)

3. Collect evidence

– media,cables, peripherals, trash

4. Secure evidence

-chain,original, management

5. Acquire data

-image integrity

-Bit-by-bit copy

6. Analysis

-file systems

-FTK

-Recovery software

7. Document & Report

 

