Forensic Evidence Research Paper Example | Topics and Well Written Essays - 1250 words

Forensic Evidence - Research Paper Example Current technological trends have revolutionized the methods of storing data along with different advanced access mechanisms. These systems facilitate law enforcement agencies by providing instant access to these characteristics. Although, computer forensics also facilitates in investigation of crimes within themselves in order to gather evidence associated with criminal activities that breaches violation of an organizations policy. The data can be extracted from storage devices including hard drives, flash drives, memory cards etc (Computer forensics – a critical need in computer, n.d ) Every online user leaves behind logs related to activities that he or she performs online. This digital traceability can reveal activities that are performed by the user on the Internet by identifying who has identified which files along with logs of each website visited. Temporary files can also reveal flash templates and buffered videos. These traceable logs, files, cookies, templates can fa cilitate a great deal to analyze crimes that are committed from computers and may provide solid evidence against the hacker or cyber-criminal. However, many users trust in files after deleting them from the hard drive but there are many ways and methods via which these files can be recovered. The operating system usually does not delete complete files from the hard drive, even if the user deletes the files from the recycling bin. The files are still present, until they are replaced or overwritten by new files. These traceability factors can lead to aid in forensic investigations and can track down criminals by investigating their computer. For instance, during the execution of a search warrant at the residence of John Robinson who was a serial killer, law enforcement agencies discovered two bodies that were badly decomposed along with seizing of five computers (Computer forensics, n.d ). After investigating computers, it was discovered that the serial killer John Robinson was using internet to find people to schedule a meeting. Afterwards they were killed by sexually assaulting them. These facts were only possible by forensic computing techniques and were not possible by physical evidence and investigation (Computer forensics, n.d ). However, many techniques are associated with forensic computing, few techniques are categorized in to two groups i.e. Graphical User Interface (GUI) based forensic tools and Command line forensic tools (Conklin 2005). The command line tools are relatively small, they can be stored in floppy disks as compared to heavy, and slow GUI based forensic tools. However, command line tools also share some disadvantages in terms of their limitations as they are not capable to identify .zip files and .cab files. GUI based tools provide a graphical user interface and is said to be user friendly because specialized knowledge is not required as compared to command line tools requiring commands on every operation. The disadvantage for GUI based t ools is that they are large and cannot be saved in a floppy disk (Conklin 2005). Similarly, organizations also require a proactive approach for threats that may penetrate within the internal network and extracts or expose sensitive information. There are many ways of forensic data acquisition on a network; we will only consider best practices. Network-Based Evidence Acquisition Practices Network management is effective on many vital management functions. If any one of them is not properly configured, effective network management is not possible. Data acquisition is classified as a vital management process that needs to be addresses proficiently. Likewise, Wireshark will only utilize data that is available