Hi, need to submit a 1500 words paper on the topic Digital Forensic Investigation. The identification features are permanently associated with the given artifact and this gives it a unique tag. This specific designation gives room for positive identification of the evidence. The unique identification is in line with the core requirement of a verifiable procedure of custody. The handover process is well documented in the evidence custody journal and safely secured to ensure integrity is maintained.
Autopsy Forensic is a commonly used open-source forensic tool. It is a graphical digital forensics platform hosting the Sleuth Kit as well as other digital forensics tools. Normally it’s utilized by government law enforcement institutions such as the police, national defense, and private examiners in the investigation of digital devices. It is used to recover erased contents of file systems as well as conducting keyword searches.
CAINE (Computer Aided Investigative Environment) is an integrated digital forensics environment based on Ubuntu-based GNU/Linux live distribution offering a complete forensic environment with a user-friendly graphical interface and a semi-automated report generating feature.
Once the investigator received the USB image, the preservation of its original state was attained and recorded. The main reason to preserve the image is to maintain its integrity as it is prone to tampering and alteration in the succeeding forensic analysis phases. Immediately the image integrity is established the subsequent analysis is conducted on copies. This gives a way of comparing the copy with the original at any phase. As a result, the copies are verified to be authentic and have not been altered in any way thereby relevant and reliable.
The initial step in analyzing the image is to find the number and kind of partitions the image holds and is achieved by running both the fdisk and MLS controls on the image. Then the partitions are segregated for analysis using the dd command.