Main Issues Language and terminology Flashcards
What is forensics
The use of science to process collected evidence so one can:
- Establish “the facts of a case”
- Examine in a consistent and scientific manner
- Make sure that there is no alteration of the facts
- make sure the analysis and conclusions does correspond to the reality/truth
Forensics primarily deals with latent evidence, what is latent evidence?
It may take many forms that range from fingerprints to DNA to the files of a hard drive.
Why do we need digital forensics?
We live in a high technology society and the growth of cyberspace is exponential, almost everything is connected to the internet. Cyber crimes becomes overwhelming and there is a constant need for improvement of the security of the whole societal infrastructure.
What is Computer forensics?
It´s the use of investigative and analytical techniques to..
1. Identify
2. Collect
3. Examine
4. Preserve
..information that is digitally stored and encoded
What is Digital Forensics?
The process of uncovering and interpreting electronic data. The goal is to preserve any evidence in its most original form while performing a structured investigation by..
1. collecting
2. identifying
3. validating
.. the digital information for the purpose of reconstructing past events.
Name some challenges in digital forensics
- Data deluge (3V -Volume,Veracity, Velocity)
- Distributed crime scene activities and artifacts
- Limitations of resources
- Exponential growth of caseloads
Explain the difference between forensics and security
Security - In general security wants to preserve the digital system as it is, observing the policy that has been defined, a lot of risk assessment.
Forensics - Attempts to explain how the policy came to be violated which may lead to finding flaws and hence making improvements in the future
What is auditing?
A snapshot of the current state of the system, we need to be able to backtrack. Trails, usually machine readable that have to be made human readable
What is evidence?
In the broadest sense includes everything that is used to determine or demonstrate the truth of assertions.
Which are the 5 TYPES of evidence?
- Intuitive
- Scientific
- Personal
- Anecdotal
- Legal
Which are the 4 CATEGORIES of evidence?
- Impressions
- Bioforensics
- Trace evidence
- Material evidence
Which are the 7 +1 CLASSIFICATIONS of evidence?
- Circumstantial
- Direct
- Documentary
- Original
- Real
- Hearsay
- Testimony
+Expert Testimony
Give examples of impressions evidence
- fingerprints
- tool marks
- footwear marks
Give examples of bioforensic evidence
- body fluids
- hair
- nail scrapings
- blood stain patterns
Give examples of trace evidence
(residue of the things used for committing the crime)
- arson accelerant
- paint
- glass
- fibers
