Computer Forensics: Defintion

Computer forensics is a branch of forensic science (though is often not dealt with as such, and is rarely held to the same standards, as a pure science such as DNA analysis.

Computer forensics, relates to legal evidence found in computers and other storage systems – e.g mobile phones, back up tapes, firewalls, and network logs.

The field of Computer Forensics also has sub branches within it such as Firewall Forensics, and Mobile Device Forensics.

There are many reasons to employ the techniques of computer forensics:

  • In legal cases, computer forensic techniques are frequently used to analyze computer systems belonging to defendants (in criminal cases) or litigants (in civil cases).
  • To recover data in the event of a hardware or software failure.
  • To analyze a computer system after a break-in, for example, to determine how the attacker gained access and what the attacker did.
  • To gather evidence against an employee that an organization wishes to terminate.
  • To gain information about how computer systems work for the purpose of debugging, performance optimization, or reverse-engineering.

Wiki Article

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: