1 hour 49 minutes
module 2.1 is the start of our process from collections to testimony.
In order to truly be able to get to the point where you can testify about your findings, you have to first identify the evidence to be reviewed.
You can't conduct analysis on thin air. You have tow, have
some piece of evidence in order to
do your analysis.
In this video, we're gonna talk about the process for identification and scoping off evidence collections.
Before we do that, however, we're going to talk about the definition of digital forensics.
Digital forensics is the application of science to the identification, collection, examination and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data,
it's really important to pay attention to the highlighted words identification collection, examination, analysis, integrity and China custody, thes air, all concepts, stages
or concepts that will be very vital to our discussions as we move forward
during evidence identification. This is where you're going to define the scope of collections. You're gonna work with legal counsel to determine what data needs to be collected, from whom,
how long you're gonna have to collect it,
where you're going to collect it
and what you're ultimately looking for, what the ultimate
for what happened with that evidence.
There's an idea or concept that you want to cast a wide net,
but not over collect.
If you're dealing with a matter that involves text messages, for example, you may not need to collect the laptop for the individual. You may only need to collect the mobile phone,
if the collection is
and the matter is related to
emails, you may want to cast a wide net. Collect both the cell phone and the computer.
But you're not gonna also collect the cell phone and computer for three other people who are totally unrelated to the matter just because they work in the same business.
It's during this step that your documentation is going to start. You're gonna document document document.
You're going to start building your case of defense ability,
your case of repeat ability.
You're going to start showing why decisions were made, how decisions were made and what the ultimate outcome of things
and conversations that you've had were.
It's important, though,
that you ensure you have the legal authority to collect whatever evidence you're going to collect,
either through court order, subpoena
or even just the authority given to you by an organization. Because as the owner of the devices
in this summary in this video,
we talked about the process for identification and scoping of evidence collections.
Computer Hacking and Forensics
If you love the idea of doing digital forensics investigations to catch cybercriminals and want ...
18 CEU/CPE Hours Available
Certificate of Completion Offered
Computer Forensics and Investigations
Learn to determine potential online criminal activity at its inception, legally gather evidence, search and ...