Part 04 – Forensic Investigation Process

In this section on computer forensics we prepare to go to court. This involves the extremely important processes of evidence collection, analysis, and presentation. We also discuss the laws, in terms of the U.S. Constitution, governing this phase.

We start off by discussing the first step in evidence collection, which is identification. In order for something to be admitted into evidence in a court of law, it must first be identified. Locard's Principle of Exchange is mentioned, which is based on the premise that a criminal will usually leave something behind, even if it's just a tip-off about their motives based on what they stole. Pretty Sherlock Holmes, huh? The extremely important issue of evidence preservation is discussed next. The chain of custody for evidence MUST be well-documented! A history of how evidence was collected, analyzed, transported, and preserved is required. This process is vital since digital evidence CAN be manipulated! Important procedures for evidence handling are mentioned. This includes thorough documentation using photos of the crime scene and collected evidence, along with evidence labeling and logging.

We also raise the important issue of the Fourth Amendment regarding illegal search and seizure and how it applies differently to government agents vs. private individuals. The section concludes with a discussion of the processes of examination (just the facts!), analysis (turning data into info), presentation in court, and the climax that results in a decision or legal ruling on the presented evidence.