Computer Forensic Essay

931 Words4 Pages
Instructions: There are multiple parts to this assignment. Carefully read each section and type your answer in the space provided. Complete each part of this Homework Assignment to receive full credit.

Part 1: Investigation Web Sites Chapter 4 in the textbook contains links to several web sites which are important to understanding computer investigations. In this section, list the web sites discussed in the chapter and include their Internet links along with a brief description of what is contained at each of these sites. www.perlustro.com
Expert Computer Forensic Analysis:
Specialized techniques for data recovery, evidence authentication and analysis of electronic data far exceeding normal data collection and preservation
…show more content…
Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images
-------------------------------------------------

Part 2: Acquisition Tools (Case Project 4-1) Your supervisor has asked you to research current acquisition tools. Using your preferred Internet search engine and the vendors listed in this chapter, prepare a report containing the following information for each tool and stating which tool you would prefer to use: * Computer forensics vendor name
Technologies Pathways ProDiscover
– Guidance Software EnCase
– X-Ways Forensics
– Runtime Software
– R-Tools Technologies * Acquisition tool name and latest version number
You can remotely connect to a suspect computer via a network connection and copy data from it Remote acquisition tools vary in configurations and capabilities * Features of the vendor's product
With ProDiscover Investigator you can:
– Preview a suspect’s drive remotely while it’s in use
– Perform a live acquisition
– Encrypt the connection
– Copy the suspect computer’s RAM
– Use the optional stealth mode
ProDiscover Incident Response additional functions
– Capture volatile system state information
– Analyze current running processes
Remote Acquisition with EnCase
Enterprise
Remote acquisition features
– Remote data acquisition
Get Access