Forensics
The following steps should be taken to deal with any event that triggers a requirement for forensics:
- Acquire Information
- Preserve: never alter the state of the machine, if you can
- Never work on original evidence
- Maintain the Chain of Custody, Hash Values of Evidence (to prove the integrity of evidence)
- Go for Data Recovery if possible
- Do Forensic Analysis
- Produce and Present Results
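The "never work on original evidence" and "hash values / chain of custody" steps above, sketched as an added example (not part of the original page): hash the original, make a working copy, verify it, and record each event in a custody log. The file names, the `examiner-1` handler label, the JSON-lines log format and the choice of SHA-256 are assumptions, and the sample "image" is constructed.

```python
import hashlib, json, os, shutil, tempfile
from datetime import datetime, timezone

def sha256_file(path, chunk=1 << 20):
    """Stream the file so large disk images need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def log_custody(log_path, action, path, digest, handler):
    """Append one JSON line per custody event (hypothetical log format)."""
    entry = {"utc": datetime.now(timezone.utc).isoformat(), "action": action,
             "item": os.path.basename(path), "sha256": digest, "handler": handler}
    with open(log_path, "a") as log:
        log.write(json.dumps(entry) + "\n")

def make_working_copy(original, workdir, log_path, handler):
    """Hash the original, copy it, and reject the copy if the hashes differ."""
    before = sha256_file(original)
    log_custody(log_path, "acquired", original, before, handler)
    copy = os.path.join(workdir, os.path.basename(original) + ".work")
    shutil.copyfile(original, copy)
    after = sha256_file(copy)
    if after != before:
        raise ValueError("working copy does not match original")
    log_custody(log_path, "working-copy", copy, after, handler)
    return copy, before

def verify(path, log_path):
    """Compare the file's current hash with the last hash logged for it."""
    name = os.path.basename(path)
    with open(log_path) as log:
        logged = [e["sha256"] for e in map(json.loads, log) if e["item"] == name]
    return bool(logged) and sha256_file(path) == logged[-1]

def demo():
    """Constructed sample: a small file standing in for an acquired image."""
    with tempfile.TemporaryDirectory() as d:
        original, log = os.path.join(d, "disk.img"), os.path.join(d, "custody.jsonl")
        with open(original, "wb") as f:
            f.write(b"constructed sample evidence\n" * 146)
        os.chmod(original, 0o400)  # original is kept read-only; analysis uses the copy
        copy, digest = make_working_copy(original, d, log, "examiner-1")
        intact = verify(copy, log)
        with open(copy, "ab") as f:
            f.write(b"x")  # any change to the copy must show up as a hash mismatch
        return digest, intact, verify(copy, log), verify(original, log)
```

`demo()` returns the logged digest, then whether the copy verified before modification, after modification, and whether the untouched original still verifies.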
Tools
These tools are accepted:
- EnCase
- FTK
- Forensics Towers
Sources, Reading Lists and Links
30nov16 | admin |