Question & Answer: Write a 1-page report detailing how you would decide what is the best forensic tool…..

Write a 1-page report detailing how you would decide what are the best forensic tools for your newly created forensic team. What would you look for? What would be your most critical factors? Cite examples.

Expert Answer


Answer:-


Forensic tools:- Forensic tools are the tools which are used to investigate and analyse a particular computer in order to collect information or evidence from it. These tools are basically used in computer crimes, in a way that is suitable for presentation in a court of law.

For our newly created forensic team, the forensic tools which I decide to select are:-

  • SANS SIFT:- SANS SIFT is an investigation tool which runs on Ubuntu-based live CDs. It has various applications which allow us to conduct in-depth forensics and incident response investigations. The key features of SANS SIFT are memory utilization, cross compatibility and expanded file system support.
  • The Sleuth Kit:- The Sleuth Kit is used to analyse the file system in depth; it comes packaged with Autopsy, which has additional features like timeline analysis, hash filtering, file system analysis and keyword searching.
  • FTK Imager:- FTK Imager provides a data preview and imaging tool which allows us to view findings in Windows Explorer. It is used to examine files and folders on local and network drives and also to review the contents of memory dumps.
  • DEFT:- DEFT is used for mobile forensics and has features for data recovery and hashing. It runs live on a system without corrupting devices. It is used by the military, universities and law enforcement. All the temporary storage areas and network traffic acquisition tools do not alter the data being acquired.
  • Volatility:- Volatility extracts digital artifacts from RAM dumps and gives us details of running processes, open network sockets, loaded DLLs and a host of other information. It is a collection of tools implemented in Python; it is open source and is used for incident response and malware analysis.
  • Mandiant Redline:- Mandiant Redline is used to examine a specific host by collecting a huge amount of information on running processes, drivers, file system metadata, event logs and many other elements. Mandiant is an American cyber security services company.

So these are some of the forensic tools which I chose for our forensic team for investigation.
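Two of the capabilities the answer credits to these tools, hash filtering (The Sleuth Kit/Autopsy) and verifying that an acquired copy was not altered (FTK Imager, DEFT), are simple enough to show end to end. The following is an added example written for this page; it is not code from any of the tools named above. It assumes SHA-256 as the hash (real tools also offer MD5 and SHA-1), and the sample files and the known-good/known-bad hash sets are constructed for the demo rather than taken from NSRL or a malware feed.

```python
"""Added example: hash filtering over an acquired folder and an acquisition
integrity check. Illustrative code for this page, not from any forensic tool.
All sample files and hash sets are constructed for the demo."""
import hashlib
import tempfile
from pathlib import Path

# Constructed contents of a small "evidence" folder (not a real case).
SAMPLE_FILES = {
    "Windows/notepad.exe": b"MZ constructed stand-in for a known OS binary",
    "Users/alice/readme.txt": b"meeting notes, nothing special",
    "Users/alice/AppData/dropper.bin": b"MZ constructed stand-in for a known malicious file",
}


def sha256_bytes(data: bytes) -> str:
    """Hex SHA-256 of a byte string; used for individual files and whole images alike."""
    return hashlib.sha256(data).hexdigest()


def hash_tree(root) -> dict:
    """Walk an acquired folder (or mounted image) and return {relative path: sha256}."""
    root = Path(root)
    return {
        str(p.relative_to(root)).replace("\\", "/"): sha256_bytes(p.read_bytes())
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def hash_filter(hashes: dict, known_good: set, known_bad: set) -> dict:
    """Hash filtering in the Autopsy sense: known-good files drop out of review,
    known-bad files are flagged, and everything else is left for manual review."""
    verdicts = {}
    for name, digest in hashes.items():
        if digest in known_bad:
            verdicts[name] = "known_bad"     # flag for the examiner
        elif digest in known_good:
            verdicts[name] = "known_good"    # safe to ignore
        else:
            verdicts[name] = "unknown"       # needs a look
    return verdicts


def verify_acquisition(source_digest: str, copy: bytes) -> bool:
    """Acquisition integrity check: the hash recorded on the source must equal the
    hash of the working copy, otherwise the copy changed during or after imaging."""
    return sha256_bytes(copy) == source_digest


def demo() -> dict:
    """Build the sample folder, filter it, check an image copy, and return the verdicts."""
    # Constructed hash sets; in practice these come from NSRL or a malware hash feed.
    known_good = {sha256_bytes(SAMPLE_FILES["Windows/notepad.exe"])}
    known_bad = {sha256_bytes(SAMPLE_FILES["Users/alice/AppData/dropper.bin"])}

    with tempfile.TemporaryDirectory() as root:
        for rel, content in SAMPLE_FILES.items():
            target = Path(root) / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(content)
        verdicts = hash_filter(hash_tree(root), known_good, known_bad)

    # Whole-image check: an exact copy verifies, a copy with one flipped byte does not.
    image = b"".join(SAMPLE_FILES.values())
    source_digest = sha256_bytes(image)
    assert verify_acquisition(source_digest, bytes(image))
    tampered = bytearray(image)
    tampered[0] ^= 0x01
    assert not verify_acquisition(source_digest, bytes(tampered))
    return verdicts


if __name__ == "__main__":
    for path, verdict in demo().items():
        print(f"{verdict:11} {path}")
```

Running the script prints one verdict per file: the OS binary is dropped as known-good, the dropper is flagged as known-bad, and the notes file is left as unknown for review. The same hash routine doubles as the acquisition check, which is why imaging tools record the source hash at acquisition time and re-hash every working copy before analysis.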
