DOCSLIB.ORG

Encase Computer Forensics Study Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

4435FM.fm Page i Wednesday, December 21, 2005 10:50 AM EnCase® Computer Forensics The Official EnCE: EnCase® Certified Examiner Study Guide 4435FM.fm Page ii Wednesday, December 21, 2005 10:50 AM 4435FM.fm Page iii Wednesday, December 21, 2005 10:50 AM EnCase® Computer Forensics The Official EnCE: EnCase® Certified Examiner Study Guide Steve Bunting William Wei Wiley Publishing, Inc. 4435FM.fm Page iv Wednesday, December 21, 2005 10:50 AM 4435FM.fm Page v Wednesday, December 21, 2005 10:50 AM Acquisitions and Development Editor: Maureen Adams Technical Editor: Jon Bair Production Editors: Angela Smith, and Daria Meoli Copy Editor: Liz Welch Production Manager: Tim Tate Vice President and Executive Group Publisher: Richard Swadley Vice President and Executive Publisher: Joseph B. Wikert Vice President and Publisher: Neil Edde Media Development Specialist: Angela Denny Book Designer: Judy Fung Compositor: Jeff Wilson, Happenstance Type-O-Rama Proofreader: Jennifer Larsen, Word One Indexer: Nancy Guenther Cover Designer: Richard Miller, Calyx Design Cover Photo Illustration: Anthony DiBello, Guidance Software Cover Image: Getty Images Copyright © 2006 by Wiley Publishing, Inc., Indianapolis, IN Published by Wiley Publishing, Inc., Indianapolis, IN Published simultaneously in Canada ISBN-13: 978-0-7821-4435-2 ISBN-10: 0-7821-4435-7 No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sec- tions 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Pub- lisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for per- mission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianap- olis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions. Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, includ- ing without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an orga- nization or Website is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Website may provide or recom- mendations it may make. Further, readers should be aware that Internet Websites listed in this work may have changed or disappeared between when this work was written and when it is read. For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (800) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002. Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books. TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written per- mission. Microsoft and Visual Basic are registered trademarks of Microsoft Corporation in the United States and/or other countries. All other trademarks are the property of their respective owners. EnCase® is a registered trademark of Guidance Software, Inc. in the United States and other jurisdictions. Copyright ©1998-2006 Guidance Software, Inc. All Rights Reserved. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book. Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 4435FM.fm Page vi Wednesday, December 21, 2005 10:50 AM 4435FM.fm Page vii Wednesday, December 21, 2005 10:50 AM To Our Valued Readers: Thank you for looking to Sybex for your EnCase® Certified Examiner (EnCE) exam prep needs. The Sybex team is proud of its reputation for providing certification candidates with the practical knowledge and skills needed to succeed in the highly competitive IT marketplace. We are especially proud of the partnership we have formed with Guidance Software, the lead- ing computer forensics software company, to produce this official EnCase Computer Foren- sics Study Guide. Just as Guidance Software is committed to establishing measurable standards for certifying individuals who perform forensic investigation and analysis with EnCase software, Sybex is committed to providing those individuals with the skills needed to meet those standards. The authors and editors have worked hard to ensure that the book you hold in your hands is comprehensive, in-depth, and pedagogically sound. We’re confident that this book will exceed the demanding standards of the certification marketplace and help you, the EnCE can- didate, succeed in your endeavors. As always, your feedback is important to us. If you believe you’ve identified an error in the book, please visit the Customer Support section of the Wiley website. And if you have general comments or suggestions, feel free to drop me a line directly at [email protected]. At Sybex we’re continually striving to meet the needs of individuals preparing for certification exams. Good luck in pursuit of your EnCE! Neil Edde Vice President & Publisher Wiley Publishing, Inc. 4435FM.fm Page viii Wednesday, December 21, 2005 10:50 AM 4435FM.fm Page ix Wednesday, December 21, 2005 10:50 AM Wiley Publishing Inc End-User License Agreement READ THIS. You should carefully read these terms and in materials or workmanship, WPI will replace the defec- conditions before opening the software packet(s) included tive Software Media. (b) WPI AND THE AUTHOR OF with this book “Book”. This is a license agreement “Agree- THE BOOK DISCLAIM ALL OTHER WARRANTIES, ment” between you and Wiley Publishing, Inc.“WPI”. By EXPRESS OR IMPLIED, INCLUDING WITHOUT LIM- opening the accompanying software packet(s), you ITATION IMPLIED WARRANTIES OF MERCHANT- acknowledge that you have read and accept the following ABILITY AND FITNESS FOR A PARTICULAR terms and conditions. If you do not agree and do not want PURPOSE, WITH RESPECT TO THE SOFTWARE, to be bound by such terms and conditions, promptly return THE PROGRAMS, THE SOURCE CODE CON- the Book and the unopened software packet(s) to the place TAINED THEREIN, AND/OR THE TECHNIQUES you obtained them for a full refund. DESCRIBED IN THIS BOOK. WPI DOES NOT WAR- 1. License Grant. WPI grants to you (either an individual RANT THAT THE FUNCTIONS CONTAINED IN or entity) a nonexclusive license to use one copy of the THE SOFTWARE WILL MEET YOUR REQUIRE- enclosed software program(s) (collectively, the “Software” MENTS OR THAT THE OPERATION OF THE SOFT- solely for your own personal or business purposes on a sin- WARE WILL BE ERROR FREE. (c) This limited warranty gle computer (whether a standard computer or a worksta- gives you specific legal rights, and you may have other tion component of a multi-user network). The Software is rights that vary from jurisdiction to jurisdiction. in use on a computer when it is loaded into temporary 6. Remedies. (a) WPI’s entire liability and your exclusive memory (RAM) or installed into permanent memory (hard remedy for defects in materials and workmanship shall be disk, CD-ROM, or other storage device). WPI reserves all limited to replacement of the Software Media, which may rights not expressly granted herein. be returned to WPI with a copy of your receipt at the fol- 2. Ownership. WPI is the owner of all right, title, and inter- lowing address: est, including copyright, in and to the compilation of the Software Media Fulfillment Department, Software recorded on the disk(s) or CD-ROM “Software Media”. Copyright to the individual programs recorded Attn.: EnCase Computer Forensics The Official ENCE: on the Software Media is owned by the author or other EnCase Certified Examiner Study Guide authorized copyright owner of each program. Ownership Wiley Publishing, Inc., 10475 of the Software and all proprietary rights relating thereto Crosspoint Blvd., Indianapolis, IN 46256, remain with WPI and its licensers. or call 1-800-762-2974. 3. Restrictions On Use and Transfer. (a) You may only (i) make one copy of the Software for backup or archival pur- Please allow four to six weeks for delivery. This Limited poses, or (ii) transfer the Software to a single hard disk, Warranty is void if failure of the Software Media has provided that you keep the original for backup or archival resulted from accident, abuse, or misapplication. Any purposes. You may not (i) rent or lease the Software, (ii) replacement Software Media will be warranted for the copy or reproduce the Software through a LAN or other remainder of the original warranty period or thirty (30) network system or through any computer subscriber sys- days, whichever is longer. (b) In no event shall WPI or the tem or bulletin- board system, or (iii) modify, adapt, or cre- author be liable for any damages whatsoever (including ate derivative works based on the Software.
Recommended publications
  • Optimizing and Protecting Hard Drives ‐ Chapter # 9

    Optimizing and Protecting Hard Drives ‐ Chapter # 9

    Optimizing and Protecting Hard Drives ‐ Chapter # 9 Amy Hissom Key Terms antivirus (AV) software — Utility programs that prevent infection or scan a system to detect and remove viruses. McAfee Associates’ VirusScan and Norton AntiVirus are two popular AV packages. backup — An extra copy of a file, used in the event that the original becomes damaged or destroyed. boot sector virus — An infectious program that can replace the boot program with a modified, infected version of the boot command utilities, often causing boot and data retrieval problems. buffer — A temporary memory area where data is kept before being written to a hard drive or sent to a printer, thus reducing the number of writes to the devices. chain — A group of clusters used to hold a single file. child, parent, grandparent backup method — A plan for backing up and reusing tapes or removable disks by rotating them each day (child), week (parent), and month (grandparent). cross-linked clusters — Errors caused when more than one file points to a cluster, and the files appear to share the same disk space, according to the file allocation table. defragment — To “optimize” or rewrite a file to a disk in one contiguous chain of clusters, thus speeding up data retrieval. differential backup — Backup method that backs up only files that have changed or have been created since the last full backup. When recovering data, only two backups are needed: the full backup and the last differential backup. disk cache — A method whereby recently retrieved data and adjacent data are read into memory in advance, anticipating the next CPU request.
  • Lab 13A: Configuring Disk Compression

    Lab 13A: Configuring Disk Compression

    Lab 13A: Configuring Disk Compression Objectives After completing this lab, you will be able to: !" Configure an NTFS volume for compression. !" Move files with the compression attribute set. !" Copy files with the compression attribute set. Prerequisites Before working on this lab, you must have: !" Knowledge of the NTFS file system. !" Knowledge of file compression. Estimated time to complete this lab: 15 minutes 2 Lab 13A: Configuring Disk Compression Exercise 1 Configuring Disk Compression In this exercise, you will enable disk compression and view the effects of compression on the Documents and Settings folder and subfolders. Scenario To provide the maximum storage capacity for your client computers, the IT manager has decided that NTFS disk compression will be enabled for folders on client computers that are low on disk space. You have been tasked with enabling disk compression for specified folders on your client computers. Tasks Detailed steps 1. Log on as Administrator a. Log on as Administrator with the password of password. with the password of b. Open Explorer, and then on the Tools menu click Folder Options. password and configure c. In the Folder Options dialog box, on the View tab, select the Show Microsoft® Windows® Explorer to display encrypted or compressed NTFS files in color check box, and then compressed files and folders click OK. in another color. 2. Compress the Documents a. In the left pane, expand Local Disk (C:), right-click Documents and and Settings folder Settings, and then click Properties. hierarchy. What are the Size and Size on disk values for the Documents and Settings folder? Answers will vary.
  • Part 1 Digital Forensics Module Jaap Van Ginkel Silvio Oertli

    Part 1 Digital Forensics Module Jaap Van Ginkel Silvio Oertli

    Part 1 Digital Forensics Module Jaap van Ginkel Silvio Oertli July 2016 Agenda • Part 1: Introduction – Definitions / Processes • Part 2: Theory in Practice – From planning to presentation • Part 3: Live Forensics – How to acquire a memory image – Investigate the image • Part 4: Advanced Topics – Tools – Where to go from here – And more 2 Disclaimer§ • A one or two-day course on forensics will not make you a forensics expert. – Professionals spend most of their working time performing forensic analysis and thus become an expert. • All we can offer is to shed some light on a quickly developing and broad field and a chance to look at some tools. • We will mostly cover Open Source Forensic Tools. 3 Introduction Forensics in History 4 Forensics – History 2000 BC 1200 BC 5 Introduction Definitions / Processes 6 Forensics – The Field digital forensics Computer Forensics Disk Forensics Mobil Forensics Memory Forensics Datenbase Forensics Live Forensics Network Forensics 7 Forensics - Definition • Digital Forensics [1]: – Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime. • Computer Forensics [2]: – Computer forensics (sometimes known as computer forensic science) is a branch of digital forensic science pertaining to legal evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the information. 8 Forensics - Definitions • Network Forensics [3]: – Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection.[1] Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information.
  • CD-ROM, CD-R, CD-RW, and DVD-ROM Drives) Are the Hardware Devices That Read Computer Data from Disks

    CD-ROM, CD-R, CD-RW, and DVD-ROM Drives) Are the Hardware Devices That Read Computer Data from Disks

    A Brief History of CD/DVD The first disc that could be written and read by optical means (using light as a medium) was developed by James T. Russell. In the late 1960s, Russell created a system that recorded, stored, and played audio/video data using light rather than the traditional contact methods, which could easily damage the disks during playback. Russell developed a photosensitive disc that stored data as 1 micron-wide dots of light and dark. The dots were read by a laser, converted to an electrical signal, and then to audio or visual display for playback. Russell's own company manufactured the first disc player in 1980, although the technology never reached the marketplace until Philips and Sony developed the technology. In late 1982, Philips and Sony released the first of the compact disc (CD) formats, which they then called CD-DA (digital audio). In the years since, format has followed format as the original companies and other industry members developed more adaptations of the original specifications. Digital Versatile disc (DVD) had its beginning in 1994, when two formats, Super disc (SD) and Multimedia CD (MMCD) were introduced. Promoters of the competing technologies failed to reach an agreement on a single standard until 1996, when DVD was selected as a convergence format. DVD has, in the few years since, grown to include variations that do anything that CD does, and more efficiently. Standardization and compatibility issues aside, DVD is well-placed to supplant CD. Magnetic vs Optical Media Optical media are storage media that hold information in digital form and that are written and read by a laser; these media include all the various CD and DVD variations, as well as optical jukeboxes and autochangers.
  • Softnas Deployment Guide for High- Performance SQL Storage

    Softnas Deployment Guide for High- Performance SQL Storage

    SoftNAS Deployment Guide for High- Performance SQL Storage Introduction SoftNAS cloud NAS systems are based on an innovative, memory-centric storage architecture that delivers unparalleled NAS performance, efficiency, and value. They incorporate a hybrid disk storage technology that tailors the usage of data disks, log solid- state cache drives (SSDs), and read cache SSDs to the data share's specific needs. Additional features include variable storage record size, data compression, and multiple connectivity options. As a Cloud NAS solution, SoftNAS cloud NAS systems provide an excellent base for Microsoft Windows Server deployments by providing iSCSI or Fibre Channel block storage for Microsoft SQL Server, and network file system (NFS) or server message block (SMB) file storage for Microsoft Windows client access. This document covers the best practices to follow when deploying Microsoft SQL Server on a SoftNAS cloud NAS system. The intended audience is storage administrators and Microsoft SQL Server database administrators. Maintaining High Availability As with any business-critical application, high availability is a crucial design criterion to be considered when deploying a Microsoft SQL Server installation. Microsoft SQL Server 2016 can be installed on local and/or shared file systems, and SoftNAS cloud NAS systems can satisfy both of these options. Local file systems (from the Microsoft Windows Server perspective) are hosted as block volumes—iSCSI and/or Fibre-Channel-connected LUNs and file systems as SMB and/or NFS volumes. High availability starts with the network connectivity supporting the storage and server interconnectivity. Any design for the storage infrastructure should avoid single points of failure. Because many white papers and publications cover storage-area networking and network-attached storage resilience, those topics are not covered in detail in this paper.
  • United States Patent 19 11 Patent Number: 5,907,703 Kronenberg Et Al

    United States Patent 19 11 Patent Number: 5,907,703 Kronenberg Et Al

    USOO5907703A United States Patent 19 11 Patent Number: 5,907,703 Kronenberg et al. (45) Date of Patent: May 25, 1999 54) DEVICE DRIVER FOR ACCESSING “Compact -Notes,” “Compact,” “Expand,” “Create More COMPUTER FILES Disk Space by Using Disk Compression on NTFS Vol umes,” Microsoft Windows NT 4.0 Help file, 1996. 75 Inventors: Pierre-Michel Kronenberg, Middleton; Mark Nelson and Jean-Loup Gailly, “The Data Compres Derek T. Zahn, Madison, both of Wis. sion Book,” M & T Books, Second Edition 1996, pp. 73 Assignee: Mijenix Corporation, Boulder, Colo. 209-212. Ruediger R. Asche, “The Little Device Driver,” Microsoft Development Network Technology Group. Technical 21 Appl. No.: 08/643,454 Articles: Windows: Drivers, Microsoft Developer Network 22 Filed: May 8, 1996 Library CD, Apr. 1996. 51) Int. Cl. ............................ G06F 15/163; G06F 9/00; “Introduction to Windows 95 Device Drivers,” DDK. Win G06F 9/46 dows 95 Device Driver Kit, Microsoft Developer Network 52 U.S. Cl. .................... 395/681; 395/828; 364/222.81; Library CD, Apr. 1996. 364/955 “DOS/Win32 Installable File System Specifications' DDK. 58 Field of Search ..................................... 395/680, 682, Windows 95 Device Driver Kit, Microsoft Developer Net 395/681 work Library CD, Apr. 1996. “StuffIt SpacerSaver User's Guide,” Aladdin System, Inc., 56) References Cited Sep. 1994, pp. 19-28. U.S. PATENT DOCUMENTS Primary Examiner Lucien U. Toplu 5,414,850 5/1995 Whiting .................................. 395/682 ASSistant Examiner-Peter Stecher 5,457,681 10/1995 Gaddis et al.. 5,572,209 11/1996 Farmer et al. ............................ 341/67 Attorney, Agent, or Firm Arnold White & Durkee 5,628,010 5/1997 Ooishi et al.
  • Guidelines on Mobile Device Forensics

    Guidelines on Mobile Device Forensics

    NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Sam Brothers Wayne Jansen http://dx.doi.org/10.6028/NIST.SP.800-101r1 NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Software and Systems Division Information Technology Laboratory Sam Brothers U.S. Customs and Border Protection Department of Homeland Security Springfield, VA Wayne Jansen Booz Allen Hamilton McLean, VA http://dx.doi.org/10.6028/NIST.SP. 800-101r1 May 2014 U.S. Department of Commerce Penny Pritzker, Secretary National Institute of Standards and Technology Patrick D. Gallagher, Under Secretary of Commerce for Standards and Technology and Director Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Management Act of 2002 (FISMA), 44 U.S.C. § 3541 et seq., Public Law (P.L.) 107-347. NIST is responsible for developing information security standards and guidelines, including minimum requirements for Federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate Federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Section 8b(3), Securing Agency Information Systems, as analyzed in Circular A- 130, Appendix IV: Analysis of Key Sections. Supplemental information is provided in Circular A- 130, Appendix III, Security of Federal Automated Information Resources. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on Federal agencies by the Secretary of Commerce under statutory authority.
  • Roxio Toast 17 Titanium User Guide

    Roxio Toast 17 Titanium User Guide

    Rax1a· toastTITANIUM··11 ¥a-t:;;J-�-@J USER GUIDE Roxio® Toast® 17 Titanium User Guide i Contents Getting Started 1 1 Installing The Software . 2 The Toast Main Window. 3 Burning Your First Disc With Toast . 5 Converting Video. 7 Choosing the Right Project . 7 About Discs . 9 Using the Media Browser . 10 Changing Recorder Settings . 13 Saving and Opening Toast Projects. 14 Erasing Discs . 15 Ejecting a Disc . 15 Toast Extras . 16 Technical Support Options . 19 Toast Titanium ii www.roxio.com Making Video Discs 21 2 Types of Video Discs . 22 Overview of Making a Video Disc. 23 Making a video disc with MyDVD . 24 Making a DVD or BD Video Disc . 25 Using Plug & Burn. 33 Making a DVD From VIDEO_TS Folders . 41 Making a VIDEO_TS Compilation. 44 Making a BDMV Folder Disc. 45 Creating an AVCHD Archive . 46 Making a video with Live Screen Capture 48 Editing videos with Toast Slice . 48 Editing Video . 48 Using Other Toast Features 51 3 Saving Disc Images . 52 Mounting Disc Images . 53 Comparing Files or Folders . 54 Creating a Temporary Partition . 55 Making Data Discs 57 4 What is a Data Disc?. 58 Toast Titanium Contents iii Types of Data Discs . 58 Overview of Making a Data Disc . 60 Burning Projects to Multiple Recorders . 61 Making a Mac Only Disc . 63 Making a Mac & PC Disc . 69 Making a DVD-ROM (UDF) Disc . 74 Making an ISO 9660 Disc . 75 Making a Photo Disc. 76 Encrypting a disc with Roxio Secure Burn. 77 Using Toast Dynamic Writing . 78 Making Audio Discs 79 5 What is an Audio Disc?.
  • Engineering Specifications

    Engineering Specifications

    DOC NO : Rev. Issued Date : 2020/10/08 V1.0 SOLID STATE STORAGE TECHNOLOGY CORPORATION 司 Revised Date : ENGINEERING SPECIFICATIONS Product Name: CVB-CDXXX (WT) Model CVB-CD128 CVB-CD256 CVB-CD512 CVB-CD1024 Author: Ken Liao DOC NO : Rev. Issued Date : 2020/10/08 V1.0 SOLID STATE STORAGE TECHNOLOGY CORPORATION 司 Revised Date : Version History Date 0.1 Draft 2020/07/20 1.0 First release 2020/10/08 DOC NO : Rev. Issued Date : 2020/10/08 V1.0 SOLID STATE STORAGE TECHNOLOGY CORPORATION 司 Revised Date : Copyright 2020 SOLID STATE STORAGE TECHNOLOGY CORPORATION Disclaimer The information in this document is subject to change without prior notice in order to improve reliability, design, and function and does not represent a commitment on the part of the manufacturer. In no event will the manufacturer be liable for direct, indirect, special, incidental, or consequential damages arising out of the use or inability to use the product or documentation, even if advised of the possibility of such damages. This document contains proprietary information protected by copyright. All rights are reserved. No part of this datasheet may be reproduced by any mechanical, electronic, or other means in any form without prior written permission of SOLID STATE STORAGE Technology Corporation. DOC NO : Rev. Issued Date : 2020/10/08 V1.0 SOLID STATE STORAGE TECHNOLOGY CORPORATION 司 Revised Date : Table of Contents 1 Introduction ....................................................................... 5 1.1 Overview .............................................................................................
  • Digital Forensics Based Analysis of Mobile Phones

    Digital Forensics Based Analysis of Mobile Phones

    Journal of Android and IOS Applications and Testing Volume 4 Issue 3 Digital Forensics Based Analysis of Mobile Phones Pooja V Chavan PG Student, Department of Computer Engineering, K. J. Somaiya College of Engineering, Mumbai, Maharashtra, India Email: [email protected] DOI: Abstract Now-a-day’s ratio of mobile phone is increasing day by day. Digital forensics methodology is use to recover and investigate data that found in a digital devices. Mobile phone usage is more that’s why not only judicial events occurred but also mobile forensics and subdivision of digital forensics are emerged. Some hardware and software are used for mobile phone investigations. Keywords: Digital forensics, digital devices, mobile phone INTRODUCTION because electronic device have a variety of Forensic science’s subdivision is a digital different operating system, technology, forensic, is a one type of process. The storage structure, Features. First identify main objective of this process to find the crime after that digital forensic work evidence in digital devices [1]. Digital on four important steps (Figure 1): forensics are used for the analysis of data, such as audio, video, pictures, etc. After • Collection: The collected of evidence the analysis of electronic devices data that like fingerprints, broken fingernails help for legal process. The usage of blood and body fluids. advanced technology is increasing rapidly. • Examination: The examination of Electronic device have a variety of product process is depending on evidence. like tablet, flash memory, memory card, • Analysis: The crime scenes obtain SD card, etc. When forensic analysis is different digital evidence, analysis is performed at that time data should be done on storage evidence this secure.
  • Insight Analysis

    Insight Analysis

    WINTER 2016 ISSUE 6 IT ASSET DISPOSAL • RISK MANAGEMENT • COMPLIANCE • IT SECURITY • DATA PROTECTION INSIGHT EU Data Protection Regulation Page 3 ANALYSIS Exploring the Hidden Areas on Erased Drives Page 17 9 TONY BENHAM ON 13 JEFFREY DEAN LOOKS 20 A GAME OF TAG: THE 21 WHO’S WHO: FULL LIST THE TRIALS OF BEING IN DETAIL AT THE DATA CLOSED-LOOP RFID OF CERTIFIED MEMBERS AN ADISA AUDITOR SECURITY ACT SYSTEM WORLDWIDE 2 Audit Monitoring Service EDITORIAL WINTER 2016 EDITOR Steve Mellings COPY EDITOR Richard Burton CONTENT AUTHORS Steve Mellings Anthony Benham When releasing ICT Assets as part of your disposal service it is vital to ensure your supply chain is Gill Barstow Alan Dukinfield processing your equipment correctly. This is both for peace of mind and to show compliance with the Data Protection Act and the Information Commissioner’s Office guidance notes. All members within This edition was due for release in the We welcome external authors who wish DESIGN summer. But the events of June 23 were to discuss anything that will add value Antoney Calvert at the ADISA certification program undergo scheduled and unannounced audits to ensure they meet the not only the stuff of debate in bars and to members. In this edition, Gill Barstow Colourform Creative Studio certified requirements. Issues that arise can lead to changes in their certified status – or even having it boardrooms throughout Europe – they discusses a favourite subject of ours – colour-form.com forced us into countless re-drafts. building your value proposition. And an old withdrawn. These reports can be employed by end-users as part of their own downstream management PRODUCTION friend, Gavin Coates, introduces his ITAD tools and are available free of charge via the ADISA monitoring service.
  • Introduction to ISO 9660

    Introduction to ISO 9660

    Disc Manufacturing, Inc. A QUIXOTE COMPANY Introduction to ISO 9660, what it is, how it is implemented, and how it has been extended. Clayton Summers Copyright © 1993 by Disc Manufacturing, Inc. All rights reserved. WHO IS DMI? Disc Manufacturing, Inc. (DMI) manufactures all compact disc formats (i.e., CD-Audio, CD-ROM, CD-ROM XA, CDI, PHOTO CD, 3DO, KARAOKE, etc.) at two plant sites in the U.S.; Huntsville, AL, and Anaheim, CA. To help you, DMI has one of the largest Product Engineering/Technical Support staff and sales force dedicated solely to CD-ROM in the industry. The company has had a long term commitment to optical disc technology and has performed developmental work and manufactured (laser) optical discs of various types since 1981. In 1983, DMI manufactured the first compact disc in the United States. DMI has developed extensive mastering expertise during this time and is frequently called upon by other companies to provide special mastering services for products in development. In August 1991, DMI purchased the U.S. CD-ROM business from the Philips and Du Pont Optical Company (PDO). PDO employees in sales, marketing and technical services were retained. DMI is a wholly-owned subsidiary of Quixote Corporation, a publicly owned corporation whose stock is traded on the NASDAQ exchange as QUIX. Quixote is a diversified technology company composed of Energy Absorption Systems, Inc. (manufactures highway crash cushions), Stenograph Corporation (manufactures shorthand machines and computer systems for court reporting) and Disc Manufacturing, Inc. We would be pleased to help you with your CD project or answer any questions you may have.