Forensics Jeff Wang Code 610.2 Mentor: John Zhu (IT Support)

Computer Forensics
- Forensics is the application of science to answer questions of interest to a legal system
- Computer forensics pertains to legal evidence found in computers and other digital storage media

Responsibilities
- To recover data in the event of a hardware or software failure
- To gather evidence against an employee that a company wishes to terminate
- To gain information about how computer systems work for the purpose of debugging or performance optimization

Tools of the trade
- FTK (Forensic Toolkit) – scans hard drives looking for various information
- EnCase – images storage media, examines files stored on the media
- Examines parts of storage media that are not normally accessible by users

Summary of what I did
- Wipe out data on old storage media (such as hard drives and tapes) so they can be thrown out
- Remove all important from HDD so they can be reused
- Help users retrieve data that they may have deleted
- Help maintain network security

How they can use forensics to improve IT support
- Use forensic tools to recover data in the event a user deletes data by mistake or in the event of a hardware failure
- Use tools to thoroughly wipe sensitive data off storage media
- Use the tools to crack passwords

The End