| Computer forensics is the process of
| |
| | can bring organizations in criminal or
|
| using the latest knowledge of science and
| |
| | civil courts if the organizations fail to
|
| technology with computer sciences to
| |
| | protect customer data. Organization money
|
| collect, analyze and present proofs to
| |
| | can also be saved by applying computer
|
| the criminal or civil courts. Network
| |
| | forensics. Some mangers and personnel
|
| administrator and security staff
| |
| | spent a large portion of their IT budget
|
| administer and manage networks and
| |
| | for network and computer security. It is
|
| information systems should have complete
| |
| | reported by International Data
|
| knowledge of computer forensics. The
| |
| | Corporation (IDC) that software for
|
| meaning of the word "forensics" is "to
| |
| | vulnerability assessment and intrusion
|
| bring to the court". Forensics is the
| |
| | detection will approach $1.45 billion in
|
| process which deals in finding evidence
| |
| | 2006.
|
| and recovering the data. The evidence
| |
| | As organizations are increasing in number
|
| includes many forms such as finger
| |
| | and the risk of hackers and contractors
|
| prints, DNA test or complete files on
| |
| | is also increase so they have developed
|
| computer hard drives etc. The consistency
| |
| | their own security systems. Organizations
|
| and standardization of computer forensics
| |
| | have developed security devices for their
|
| across courts is not recognized strongly
| |
| | network like intrusions detection systems
|
| because it is new discipline.
| |
| | (IDS), proxies, firewalls which report on
|
| It is necessary for network administrator
| |
| | the security status of network of an
|
| and security staff of networked
| |
| | organization. So technically the major
|
| organizations to practice computer
| |
| | goal of computer forensics is to
|
| forensics and should have knowledge of
| |
| | recognize, gather, protect and examine
|
| laws because rate of cyber crimes is
| |
| | data in such a way that protects the
|
| increasing greatly. It is very
| |
| | integrity of the collected evidence to
|
| interesting for mangers and personnel who
| |
| | use it efficiently and effectively in a
|
| want to know how computer forensics can
| |
| | case.
|
| become a strategic element of their
| |
| | Investigation of computer forensics has
|
| organization security. Personnel,
| |
| | some typical aspects. In first area
|
| security staff and network administrator
| |
| | computer experts who investigate
|
| should know all the issues related to
| |
| | computers should know the type of
|
| computer forensics. Computer experts use
| |
| | evidence they are looking for to make
|
| advanced tools and techniques to recover
| |
| | their search effective. Computer crimes
|
| deleted, damaged or corrupt data and
| |
| | are wide in range such as child
|
| evidence against attacks and intrusions.
| |
| | pornography, theft of personal data and
|
| These evidences are collected to follow
| |
| | destruction of data or computer.
|
| cases in criminal and civil courts
| |
| | Second, computer experts or investigators
|
| against those culprits who committed
| |
| | should use suitable tools. The
|
| computer crimes. The survivability and
| |
| | investigators should have good knowledge
|
| integrity of network infrastructure of
| |
| | of software, latest techniques and
|
| any organization depends on the
| |
| | methods to recover the deleted, encrypted
|
| application of computer forensics. In the
| |
| | or damaged files and prevent further
|
| current situations computer forensics
| |
| | damage in the process of recovery.
|
| should be taken as the basic element of
| |
| | In computer forensics two kinds of data
|
| computer and network security. It would
| |
| | are collected. Persistent data is stored
|
| be a great advantage for your company if
| |
| | on local disk drives or on other media
|
| you know all the technical and legal
| |
| | and is protected when the computer is
|
| aspects of computer forensics. If your
| |
| | powered off or turned off. Volatile data
|
| network is attacked and intruder is
| |
| | is stored in random access memory and is
|
| caught then good knowledge about computer
| |
| | lost when the computer is turned off or
|
| forensics will help to provide evidence
| |
| | loses power. Volatile data is located in
|
| and prosecute the case in the court.
| |
| | caches, random access memory (RAM) and
|
| There are many risks if you practice
| |
| | registers. Computer expert or
|
| computer forensics badly. If you don't
| |
| | investigator should know trusted ways to
|
| take it in account then vital evidence
| |
| | capture volatile data. Security staff and
|
| might be destroyed. New laws are being
| |
| | network administrators should have
|
| developed to protect customers' data; but
| |
| | knowledge about network and computer
|
| if certain kind of data is not properly
| |
| | administration task effects on computer
|
| protected then many liabilities can be
| |
| | forensics process and the ability to
|
| assigned to the organization. New rules
| |
| | recover data lost in a security incident.
|