Computer Forensics


 

When processing a crime scene that contains cyber evidence, there are three main categories of evidence. Areas to be searched may be obvious, such as a desk with a computer on it or drawers containing computer-related material. Other areas, such as suspended ceilings and adjacent rooms may also be important. Local Area Networks (LANS) will often connect multiple computers, tablets, and smartphones to each other. In addition, either intentionally or for functional aesthetics, devices supporting connections and even power backup may be concealed in suspended ceilings, behind panels, or in adjacent rooms/closets.

Research and identify the following types of evidence that may be found in a multi-computer crime scene and that should be seized:

  • Category 1: Remember that hardware means a physical device that computes, stores virtual files, scans, or prints.
  • Category 2: Software may be in various forms and contains programs that can be loaded onto computer hardware to perform functions. Software by itself cannot do anything.
  • Category 3: The lab needs to set up the computer-seized items using the same materials brought from the crime scene in the same configuration. This includes power sources, connection cables, and wireless connection devices.

List 3 items of evidence from each category, and briefly identify their function.

For assistance with your assignment, please use your text, Web resources, and all course materials.