Professional Documents
Culture Documents
JIBIN.N
❑ Scanning a system - Systematic probing of ports to see which ones are open ( test IPs)
❑ Denial–of–Service (DoS) attack - any attack designed to disrupt the ability of authorized
users to access data
■ Forensics Methodology
■ Acquire the evidence without altering or damaging the origin.
investigation are:
Preventing changes of in situ digital evidence, including isolating the system on the
network, securing relevant log files, and collecting volatile data that would be lost when
the system is turned off. This step includes subsequent collection or acquisition
Searching for and interpreting trace evidence. Some process models use the terms
❑ Forensic examination is the process of extracting and viewing information from the
❑ In contrast, forensic analysis is the application of the scientific method and critical
❖Staircase Model
❖Subphase Model
❑ Physical evidence may exist around a server that was attached by an employee and
usage evidence may exist around a home computer that contains contraband.
❑ Furthermore, the end goal of most digital investigation is to identify a person who is
investigation.