Assignment 2

Assignment 2

QUESTION 1: Key Technologies This Individual Could Have Been Using To Communicate With His Co-Conspirators And The Possible Information/Problems They Might Pose To The Forensics Investigators.

Answer

Technology has taken the world by storm in recent decades; the advent of the computer has completely revolutionized the way people live, work and play. Particularly, computers have affected businesses in numerous ways, allowing them to run more efficiently. However, there is a dark side to computers, when individuals use them to lash out malicious assaults. These assaults may include fraud, identity theft, hacking, embezzlement and a wide array of other activities. When these individuals are caught, specialists are called in to seize and gather information from the computers. Computer forensics is the science of locating, extracting, analyzing and protecting types of data from different devices, which specialists then interpret to serve as legal evidence.

Computer crimes have been occuring for nearly 30 years, since computers were being used in production. Evidence can be derived from computers and then used in court. Initially, judges accepted the computer-derived evidence as no different from other forms of evidence; however, as data became more ambiguous with the advancement of computers, they were not as reliable. Therefore, the US government stepped in and addressed some of these issues.1 It is important to note that evidence gathered from computers is subject to the same standards as evidence gathered from any other type of crime scene. "Computer evidence is like any other evidence; it must be authentic, accurate, complete, convincing to juries and in conformity with common law and legislative rules (admissible)."2 Thus, to be credible and reliable, the evidence gathered from suspected computer-related crimes must conform to the same standards as other types of evidence.

Thirty years ago, computers ran on an operating system called UNIX, which was created in the late 1960s by Bell Labs. The developers of UNIX created numerous small applications that worked together to perform more complex tasks, because they believed this would be a more efficient way of handling computer processes, rather than having one large application to control everything. One of the benefits of these small components was the ability to create exact duplications of disks. Therefore, utilizing tools from UNIX is suitable for computer forensics work.

Presently, there are several types of tools that computer forensics specialists use to locate, extract and analyze data. Imaging is a tool that is used for extracting data. It creates an exact copy of all of the data on the disk. This is an important tool, because, by making an exact copy, it ensures that the original data stay protected. EnCase is an imaging software that allows specialists to extract data from numerous types of media, including hard drives, Zip drives and floppy disks. EnCase is especially advantageous because it can extract data from multiple types of media that could potentially hold incriminating evidence. Another imaging software is Vogon Forensic Software, which creates an exact copy of a drive.

It has the capability to index the contents ...