Computer forensics is the application of computer investigation and analysis techniques in the interests of determining potential legal evidence.
The forensic term can be used in many different areas in where they all agree with the forensic term (the theory behind the investigation and analysis), but they are differ in the final outcome. For example, Dentistry Forensic, Archaeology Forensic, Accounting Forensic, Graphology Forensic, Medicine Forensic, Digital Forensic, Network Forensic, Pathology Forensic, Psychology Forensic, Science Forensic, Toxicology Forensic and more. However, I will be focusing on the Digital and Network Forensics, where you can learn the forensic fundamental basis, forensic methodology, Windows forensic, iOS forensic, mobile phone forensic, network forensic; along with the ability to interact with LINUX System.
The question is “Who Does the Computer Forensic Analysis?”
The answer that many people might think of or will come up with is the Police. However, that is not necessary correct nowadays, because more and more companies now realise that they need “in-house” Forensics employees as first response to possible, intrusion and malicious intent.
Several facts about the Digital Forensic:
- Digital Forensic is not a proactive security, but a reactive scene to an event or request.
- Digital Forensic is not about finding the bad guys, but about finding evidences that might be very of valuable.
- Digital Forensic is not something you do for fun, but it requires some expertise.
- Digital Forensic is not something can be done quickly, but it takes some time to find any malicious activity.
Note: Multi TeraByte drives are becoming available. Thus, it is getting harder and becoming very difficult to find the result. Just imagine the time takes from you when you are looking for specific sheet between more than 5000 sheets. The PowerPoint file explains this in details (Digital Forensics):
In conclusion, Digital Forensic id not CSI (Crime Scene Investigation), but it is more likely to be gathering electronic evidences in the crime scene and analyse them to find any malicious or misuse activities.