• Tags
Automation
Azure
Certification
Certifications
CHFI
Cloud
EC-Council
Firewall
Microsoft
Notes
Palo Alto
Python
WGU

🤺 Defeating Anti-forensics Techniques

Anti-forensics refers to various techniques by cybercriminals to destroy or conceal traces of illegal activities and obstruct forensic investigation processes. After compromising a system, attackers frequently attempt to destroy or conceal all traces of their activities, making forensic investigation extremely difficult for investigators. Anti-forensics must be overcome/defeated by forensic investigators so that an analysis yields concrete and accurate evidence that can be used to identify and prosecute the perpetrators. 5.1 Understand Anti-Forensics Techniques What is Anti Forensics?

February 6, 2022 Read

📈 Data Acquisition and Duplication

The first proactive stage in the forensic investigation process is data collecting. Copying files from one device to another isn’t all that forensic data capture entails. Investigators use forensic data acquisition to extract every bit of information from the victim’s system’s memory and storage to produce a forensic replica. Furthermore, this forensic duplicate must be generated so that the data’s integrity can be verified and used as evidence in court.

February 2, 2022 Read

📁 Hard Disks and File Systems

During a forensic investigation, storage devices such as Hard Disk Drives (HDDs) and Solid-State Drives (SSDs) are valuable sources of data. The data collected from storage devices should be located and protected as evidence by the investigator. As a result, the investigator must be familiar with the structure and behavior of storage devices. The file system is also important because the file system determines how data is stored and distributed in a device.

January 31, 2022 Read

🔍 Computer Forensics Investigation Process

Forensic investigators use a systematic strategy to investigate, seize and analyze digital evidence and handle the case from the time of search and seizure until reporting the investigation’s conclusion. Throughout the reading, you’ll learn about the many stages of a computer forensic investigation and the importance of expert witnesses. Formal investigative reports are also discussed in this section, emphasizing their relevance. 2.1 Forensic Investigation Process and its Importance Forensic Investigation Process Examination/Investigation Goals Investigators should have a clear idea about the goals of the examination prior to conducting the investigation They should have an in-depth technical understanding of the inner workings of what is being examined They should have the capability to take a systematic approach to examine evidence based on the request made, say for example, a request made by an attorney Hypothesis Formulation/Criteria If the client has asked you a question, think about it.

January 30, 2022 Read

🌎 Computer Forensics in Today's World

Investigative forensics is the study and investigation of crimes committed using or aimed at a technological platform and is carried out by formally qualified investigators. In today’s environment, digital forensics plays an important role. Detection and conviction of cybercriminals rely heavily on the use of computer forensics. Collecting, inspecting, and reporting data stored on computers and networks in relation to a civil or criminal occurrence is part of the process.

January 29, 2022 Read