Scribd
Upload
332 views

Digital Forensic Assignment 1

Digital forensics involves the process of identifying, preserving, analyzing and documenting digital evidence from electronic devices for use in legal cases. There are several branches of digital forensics including computer forensics, mobile device forensics, network forensics, forensic data analysis, and database forensics. The typical digital forensics process involves collection of evidence, examination and extraction of data, analysis of the data to determine who created or edited files and when, and reporting the findings.

Uploaded by

Tate Ngeekepo Kemwiifaneni Ndeiluka
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
332 views

Digital Forensic Assignment 1

Digital forensics involves the process of identifying, preserving, analyzing and documenting digital evidence from electronic devices for use in legal cases. There are several branches of digital forensics including computer forensics, mobile device forensics, network forensics, forensic data analysis, and database forensics. The typical digital forensics process involves collection of evidence, examination and extraction of data, analysis of the data to determine who created or edited files and when, and reporting the findings.

Uploaded by

Tate Ngeekepo Kemwiifaneni Ndeiluka
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 8

Faculty of Engineering and Technology

STUDENT NAME: Seinio Tweulongelwa Ndeiluka

STUDENT NUMBER: 2126922

STUDY PROGRAMME: Bachelor of Science (Honours) in Network Security and


Computer Forensics

LECTURE’S NAME: Bertha Karimbika (Mrs. Nkomo)

SUBJECT: Computer Forensics and Data recoveryC6-CFD-13


DUE DATE: 15 August 2023

ASSIGNMENT: One (1)

1. What is an Digital Forensic?

1
Table of Contents
Introduction …3
What is digital forensics 3-4

Discuss the what Are the Different Branches of Digital Forensics ? 4-7
Conclusion 7
Reference 8

2
1. Introduction

The 21st century world is driven by computing and digital processing acts , so digital
forensics is known to be confined to digital and computing environments. Truely, it has
more impact on society activities in today’s living. Due to uses of computers , and smart
devices around the world on every aspect of life, digital evidence has become difficult to
be brought it forward on solving many critical types of crimes and legal issues , both in
the digital and in the physical world.

The networked platforms whereby devices generate massive amounts of data through
interactions and connections, many devices logs and actions performed by their users, as
well as by autonomous activities performed by the device, can be retrieved in case of
crimes and legal issues raised and evidence need to be preserved and presented to
authorities when needed and this is only possible with digital forensics.

U.S Department of Justice (2023) stated that in an effort to fight e-crime and to collect
relevant digital evidence for all crimes, law enforcement agencies are incorporating the
collection and analysis of digital evidence, also known as computer forensics, into their
infrastructure. Law enforcement agencies are challenged by the need to train officers to
collect digital evidence and keep up with rapidly evolving technologies such as computer
operating systems.

2. What is digital forensics?

Personally to my understanding, digital forensic is about today digitalized platforms


whereby investigations , analysing , retrieving, and interpreting digital information from
electronic processing devices is needed when laws and regulations are broken down and
authorities would want to use such information to proof that criminal activities did happen

3
using digital platforms or electronic platforms be it's a computer , hard drive , memory
stick , usb , smart devices , operating systems, and pads .

According to EC-council ,(2023), digital forensics is the process of identifying,


preserving, analyzing and documentation digital evidence. This is done in order to present
evidence in a court of law when required.

3. Discuss what Are the Different Branches of Digital Forensics?

According to BlueVoyant,(2023), here is a brief overview of the main types of


digital forensics:`

a) Computer Forensics

Computer forensic science (computer forensics) investigates computers and digital


storage evidence. It involves examining digital data to identify, preserve, recover,
analyze and present facts and opinions on inspected information. This branch of
computer forensics uses similar principles and techniques to data recovery, but
includes additional practices and guidelines that create a legal audit trail with a
clear chain of custody.

b) Mobile Device Forensics

Mobile device forensics focuses primarily on recovering digital evidence from


mobile devices. It involves investigating any device with internal memory and
communication functionality, such as mobile phones, PDA devices, tablets, and
GPS devices.

4
c) Network Forensics
The network forensics field monitors, registers, and analyzes network activities.
Network data is highly dynamic, even volatile, and once transmitted, it is gone. It
means that network forensics is usually a proactive investigation process.

d) Forensic Data Analysis


Forensic data analysis (FDA) focuses on examining structured data, found in
application systems and databases, in the context of financial crime. FDA aims to
detect and analyze patterns of fraudulent activity.

e) Database Forensics

Database forensics involves investigating access to databases and reporting changes


made to the data. You can apply database forensics to various purposes. For
example, you can use database forensics to identify database transactions that
indicate fraud. Alternatively, your database forensics analysis may focus on
timestamps associated with the update time of a row in your relational database.
This investigation aims to inspect and test the database for validity and verify the
actions of a certain database user.

f) The Digital Forensics Process

The digital forensics process may change from one scenario to another, but it
typically consists of four core steps—collection, examination, analysis, and
reporting.

g) Collection

The collection phase involves acquiring digital evidence, usually by seizing


physical assets, such as computers, hard drives, or phones. It is critical to ensure

5
that data is not lost or damaged during the collection process. You can prevent data
loss by copying storage media or creating images of the original.

h) Examination

The examination phase involves identifying and extracting data. You can split this
phase into several steps—prepare, extract, and identify.

When preparing to extract data, you can decide whether to work on a live or dead
system. For example, you can power up a laptop to work on it live or connect a
hard drive to a lab computer.

During the identification step, you need to determine which pieces of data are
relevant to the investigation. For example, warrants may restrict an investigation to
specific pieces of data.

i) Analysis
The analysis phase involves using collected data to prove or disprove a case built
by the examiners. Here are key questions examiners need to answer for all relevant
data items:

Who created the data, Who edited the data, How the data was created, When these
activities occur

In addition to supplying the above information, examiners also determine how the
information relates to the case.

j) Reporting

6
The reporting phase involves synthesizing the data and analysis into a format that makes
sense to laypeople. These reports are essential because they help convey the information so
that all stakeholders can understand.

4. Conclusion

Computer forensics investigations can be very critical to investigate, but with the right
tools, you can easily collect evidence successfully . Collecting evidence is a vital aspect of
a case, as you cannot prosecute without a substantial amount of it, but it is not the only
thing to consider. Each side of the case can have a forensic expert give expert witness
testimony on the evidence that was gathered and is being presented. The expertise should
be able to explain how evidence was collected and obtained, and how it is linking to the
case.

7
5. Reference

 EC-Council,16 Janary 2023,What is Digital Forensics, retrieved from


https://www.eccouncil.org/cybersecurity/what-is-digital-forensics/
 BlueVoyant, 01 January 2023 ,What Are the Different Branches of Digital
Forensics?, retrieved from
,https://www.bluevoyant.com/knowledge-center/understanding-digital-forensics-
process-techniques-and-tools
 U.S Department of Justice ,12 June 2023, Washington, D.C. 20531,Digital
Evidence and Forensics, retrieved from https://nij.ojp.gov/digital-evidence-and-
forensics

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy