Earlier in the Field Guide for Investigating Computer Crime, we outlined the two major parts of our investigative methodology: search and seizure, and information discovery (for more the details, please see Overview of a Methodology for the Application of Computer Forensics). The previous installment in this series, Search and Seizure, Evidence Retrieval and Processing , concluded the overview of search and seizure with a discussion of the retrieval and processing of computer crime scene evidence. In this installment of the Field Guide for Investigating Computer Crime, we will begin our discussion of information discovery, the process of viewing log files, databases, and other data sources on unseized equipment, in order to find and analyze information that may be of importance to a computer crime investigation.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
