Forensic computing Essay Example | Topics and Well Written Essays - 1250 words

Forensic computing - Essay ExampleA user slew use criteria such as size, billname, creation and modified dates in locating charge ups. The expect results returned by OS rhetoricals are made available in different views which include the timeline view, thumbnail view and tear listing (Beijnum, 2009, p. 23). This helps the user determine the pattern of activity on the computer and know where significant file change occurred. as well locating the files, this tool can go further to search within contents of each file for a full analysis. OS forensics has a powerful pre-indexed search capability that offers full text search to hundreds of file formats. Below is a list of what results OS forensics can offer Highlighting Wildcard searches Relevance be search results Exclusion searches Date sorting or date range searching Exact joint matching Google-like context results File listing view of search results The file formats that can be indexed by OS forensics include RTF, WPD, SWF, D JVU, DOC, PDF, PPT, XLS, JPG, GIF, PNG, TIFF, XLSX, MHT, ZIP, MP3, DWF, DOCX, PPTX and more. In instituteition, it has a feature that helps analyze files so as to determine their file type if they lack file extension. The advanced hashing algorithm in OS forensics can help spend a penny a unique fingerprint that is used to identify a file. OS forensics can help the tec to organize the evidence discovered into a cryptographically secure single file. The expert can add more results and evidence to the pillowcase file for future reference and analysis and be confident that the case file cannot be tampered with. Case management helps the user to organize and aggregate case items and results from OS forensics. An service of this software is that it can be installed and run from a USB flash drive thus helps you in retention your investigation tools and reports with you when you are mobile (Cansolvo & Scholtz, 2004, p. 85). A user should avoid installing any software on the target mac hine so as to avoid the risk of unintentionally overwriting or deleting valuable forensic data left by the suspect. With OS forensics, the computer expert can export case files as customizable and accessible reports that show all the evidence gathered. This feature helps to deliver a summary of readable forensic findings to law enforcement agents or clients at any time during the investigation. OS forensics can be used to cure e-mail messages directly from their archives without the need to install email client programs such as thunderbird or Outlook (Dimitrova, Bellotti, Lozanova & Roumenin, 2011). It reads directly into the archive and displays everything from message headers, HTML, Rich Text Format and regular Text. Supported file formats are Mbox for thunderbird, UNIX mail, Eudora and more. Pst for outlook. Msg for outlook. Dbx for outlook express. Eml for outlook express. All the attachments associated with the specified email can be extracted too. email searching functionali ty embedded in OS forensics can be used to quickly search crosswise all the content in the emails archive effectively. OS forensics Email Viewer The forensic value of carrying out the processes described above may vary depending on various factors such as who needs the information and for what purpose is the information in question needed (Lin & Stead, 2009, p. 67). This valuable