F6-Preparing for forensic Duplication Dr. John P. Abraham Professor UTPA.

Slides:

Advertisements

Similar presentations

A device that reads and writes data on a magnetic disk or tape. For writing, the surface of the disk or tape is moved past the read/write head. By discharging.

Advertisements

Hard Disks Low-level format- organizes both sides of each platter into tracks and sectors to define where items will be stored on the disk. Partitioning:

Chapter 4 Storing Information in a Computer Peter Nortons Introduction to Computers.

Ali Baydoun1 Controllers (hard drive controllers).

Hard Disk Drives Chapter 7.

Chapter 4 – Page 1QM-130Dr. Sulaiman Al-Rafee Chapter 4 – Storage Chapter Summary Properties of Storage Systems Magnetic Disks Optical Disks Other types.

P ROCESSING ELECTRONIC RECORDS Handling removable and fixed media in manuscript collections Meghan Bannon, Center for the History of Medicine, Harvard.

Computer Forensics Infosec Pro Guide

COEN 252 Computer Forensics

An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.

Guide to Computer Forensics and Investigations, Second Edition

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Chapter 22 All About SCSI.

Computer Forensics Principles and Practices

COS/PSA 413 Day 3. Agenda Questions? Blackboard access? Assignment 1 due September 3:35PM –Hands-On Project 1-2 and 2-2 on page 26 of the text Finish.

Computer Forensics Principles and Practices by Volonino, Anzaldua, and Godwin Chapter 5: Data, PDA, and Cell Phone Forensics.

COS/PSA 413 Lab 4. Agenda Lab 3 write-ups over due –Only got 9 out of 10 Capstone Proposals due TODAY –See guidelines in WebCT –Only got 4 out of 10 so.

Computer Forensics Principles and Practices by Volonino, Anzaldua, and Godwin Chapter 5: Data, PDA, and Cell Phone Forensics.

What is a Computer Network? Two or more computers which are connected together.

Chapter 3 Storage Prepared by: Mrs. Hanan AL- Asmari 1.

SECONDARY STORAGE DEVICES. MAGNETIC TAPE Data tape that stores large amounts of information that can only accessed sequentially. Commonly used for off-site.

Guide to Computer Forensics and Investigations, Second Edition

Chapter 7Assembling Your Own Computer System  7.1Assembling the Hardware 7.1Assembling the Hardware 7.1Assembling the Hardware  7.2Installing the Operating.

Chapter 8 All About SCSI.

Guide to Computer Forensics and Investigations, Second Edition Chapter 9 Data Acquisition.

PC Maintenance: Preparing for A+ Certification

A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 24 Troubleshooting and Maintenance Fundamentals.

A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 8 Understanding and Installing Hard Drives.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Untitled (Hidden Track): Born Digital Content Preservation Service at UIUC Tracy Popp, MS LIS, CAS Digital Preservation Coordinator University Library.

A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 22 All About SCSI.

Phases of Computer Forensics 1 Computer Forensics BACS Management Information Systems for the Information Age 5e, Haag, Cummings, McCubbrey, 2005,

Data, PDA and Cell Phone Forensics. 2 Introduction It is important to understand how the technology works in order to properly gather evidence from the.

F8-Noncommercial-Based Forensic Duplications Dr. John P. Abraham Professor UTPA.

Guide to Computer Forensics and Investigations, Second Edition Chapter 2 Understanding Computer Investigation.

Ch Review1 Review Chapter Microcomputer Systems Hardware, Software, and the Operating System.

7 Handling a Digital Crime Scene Dr. John P. Abraham Professor UTPA.

INFO1 – Practical problem solving in the digital world

Storage & Connectivity Devices. Internal / External Hard Drive Also known as hard disks Internal drive stores the operating system software, application.

Understanding and Troubleshooting Your PC. Chapter 5: Understanding, Installing, and Troubleshooting Disk Drives2 Chapter Objectives  In this chapter,

Chapter 13 Troubleshooting and Maintenance Fundamentals.

Hard Drive Installation ©Richard L. Goldman Revised - January 4, 2001.

Lecture No 11 Storage Devices

1. MAGNETIC HARD DRIVES 2. SOLID STATE DRIVES 3. OPTICAL DISKS 4. FLASH MEMORY 5. CLOUD STORAGE 6. CONNECTIVITY DEVICES Storage and connectivity devices.

Windows and File Management

Chapter 2 Understanding Computer Investigations Guide to Computer Forensics and Investigations Fourth Edition.

Chapter 5 Processing Crime and Incident Scenes Guide to Computer Forensics and Investigations Fourth Edition.

Computer Hardware Maintenance & Repairs Computer Hardware Maintenance & Repairs Suleiman Mohammed (mncs,mcpn) Instructor Institute of Computing & ICT,

Forensics Jeff Wang Code Mentor: John Zhu (IT Support)

Internal & External components of the computer Abby Davis.

Digital Literacy: Computer Basics

Measuring and Improving Drive Performance

Storage Hardware Chapter 4 Preserving Data and Information Computer Components & Networks, 2002.

361 Hardware, Software, and Computer Performance Lec 2.

Chapter 7 - The Local Area Network Arrives Introduction Motivation (mainframes & minicomputers with terminals) Interchangeable Media (removable disks and.

Secondary Storage – 1980’s 5 ¼” Floppy Drive – very low storage capacity maxing out at 1.2 Mb Mid-1980’s – 1990’s 3 ½” Floppy Drive – low storage.

Computer Forensics Tim Foley COSC 480 Nov. 17, 2006.

COM 205 Multimedia Applications St. Joseph’s College Fall 2003.

PCs ENVIRONMENT and PERIPHERALS Lecture 4. An expansion cards: - An expansion card (expansion board) is an electronic circuit board that adds more functionality.

Chapter Objectives In this chapter, you will learn:

Transfer of data in ICT systems

Computer and Information Technology for HKCEE

Effective Disk Cloning Software

Guide to Computer Forensics and Investigations Fifth Edition

Chapter Overview Computer Disassembly and Reassembly

How Computers Work.

Troubleshooting and Maintenance Fundamentals

Digital Forensics CJ

Hard disk basics Prof:R.CHARLES SILVESTER JOE Departmet of Electronics St.Joseph’s College,Trichy.

Presentation transcript:

F6-Preparing for forensic Duplication Dr. John P. Abraham Professor UTPA

Tools Your toolkit need to have every type of computer hardware interface going back many years. Hard drives such as IDE, SCSI, firewire, raid, cds, dvds, floppy drives, etc. and appropriate cables and terminators. Screwdrivers, flashlight, drill, jumpers, cable ties, power cords for internal and external, Digital camera. Take plenty of pictures, before and after. Chain of custody forms, evidence labels, permanent markers, evidence envelopes, evidence tape, anti-static bags, evidence hard drives, boot floppies/cd roms, blank cds, dvds, floppies, hub, switch, network cable, power strip, operating system installation media.

Document, Document, Document Evidence worksheets System worksheets Agent notes Evidence labels Chain of custody forms Evidence custodian logs Evidence access logs Each piece of hardware must be documented with make model, serial number, evidence tag number, geometry capacity and jumper settings, expansion cards present, peripheral connections, physical location, etc. Keep notes on any relevant information such as conference calls, shipment tracking numbers, findings,

Label duplicated items Case number Evidence tag numbers Contents Acquired by Date Number of partitions, type of file system, etc.

Chain of custody Source individual Source location Destination individual Destination Location Transfer date Signatures –Final place is the evidence safe maintained by the evidence custodian. Evidence custodian keeps a log: –Date, name, case number, time in, time out