| Dictionary, Encyclopedia and Thesaurus - The Free Dictionary 3,589,385,837 visitors served. |
Dictionary/ thesaurus | Medical dictionary | Legal dictionary | Financial dictionary | Acronyms | Idioms | Encyclopedia | Wikipedia encyclopedia | ? |
computer forensics |
Also found in: Wikipedia | 0.01 sec. |
|
|
computer forensics The investigation of a computer system believed to be involved in cybercrime. Forensic software provides a variety of tools for investigating a suspect PC. Such programs may include a function that copies the entire hard drive to another system for inspection, allowing the original to remain unaltered.Another utility compares file extensions to the data content in order to determine if files have been camouflaged with phony file extensions. For example, an image file might be renamed as a text document and vice versa. Network Forensics In order to identify attacks, "network forensics" deals with the capture and inspection of packets passing through a selected node in the network. Packets can be inspected on the fly or stored on disk for later analysis. See forensically clean, slack space, write blocker, file wipe, IDS, Internet forensics and security event management software. The National Institute of Standards and Technology "Guide to Integrating Forensic Techniques into Incident Responses" covers four phases, which are briefly summarized below. For the complete 121-page NIST publication, download draft SP 800-86 at http://csrc.nist.gov/publications/nistpubs. 1 - Collection: Identify, label, record and acquire data from possible sources, while preserving the integrity of the data. 2 - Examination: Use manual and automated methods to assess and extract data of particular interest, while preserving the integrity of the data. 3 - Analysis: Use legally justifiable methods and techniques to derive useful information. 4 - Reporting: Describe actions used, explain how tools and procedures were selected, determine what other actions need to be performed, including forensic examination of additional data sources, securing identified vulnerabilities and improving existing security controls. Recommend improvements to policies, guidelines, procedures, tools and other aspects of the forensic process. computer forensics [kəm¦pyüd·ər fə′ren·ziks] (forensic science) The study of evidence from attacks on computer systems in order to learn what has occurred, how to prevent it from recurring, and the extent of the damage. How to thank TFD for its existence? Tell a friend about us, add a link to this page, add the site to iGoogle, or visit webmaster's page for free fun content. |
|
| Encyclopedia |
| Free Tools: |
For surfers:
Free toolbar & extensions |
Word of the Day |
Help
For webmasters: Free content | Linking | Lookup box | Double-click lookup | Partner with us |
|---|