IT Governance, Risk, and Compliance:

Data Acquisition

1

August 17, 2009  8:26 PM

Preserving Electronically Encoded Evidence – Part IV



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Event Management, Forensic Imaging Software, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Whether target data is in transit or at rest, it is critical that measures are in place to prevent the sought information from being destroyed, corrupted or becoming unavailable for forensic investigation. When evidence is at rest, adequate procedures should be followed to ensure evidential

August 13, 2009  9:04 PM

Preserving Electronically Encoded Evidence – Part III



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Event Management, Forensic Imaging Software, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Creating evidential copies through routine backup procedures will only permit replicating specific files while none of the files with delete indicators are recovered, nor the designated 'free space' between files. To remediate this limitation, a


August 10, 2009  7:59 PM

Preserving Electronically Encoded Evidence – Part II



Posted by: Robert Davis
Boot, Configuration, Data Acquisition, Electronic Discovery, Illegal Acts, Incident Handling, Incident Response, Information Security Management, Irregularities, ISM, Law Enforcement

Conditionally, if the target system is turned off, simply turning the technology on and permitting a 'boot' can introduce content changes to files directly or indirectly connected through


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: