Digital Forensics

Question 1

is a branch of Forensic Science that focuses on identifying, acquiring, processing, analyzing, and reporting on data stored electronically

Answer 1

Digital forensics

Question 2

is the process of storing, analyzing, retrieving, and preserving electronic data that may be useful in an investigation. It includes data from hard drives in computers, mobile phones, smart appliances, vehicle navigation systems, electronic door locks, and other digital devices (Simplilearn, 2023)

Answer 2

Digital forensics

Question 3

a component of almost all criminal activities and digital forensics support is crucial for law enforcement investigations

Answer 3

Electronic evidence/ Digital evidence

Question 4

Steps of Digital Forensics

Answer 4

1. Identification
2. Preservation
3. Analysis
4. Documentation
5. Presentation

Question 5

this is the initial stage in which the individuals or devices to be analyzed are identified as likely sources of significant evidence

Answer 5

Identification

Question 6

It focuses on safeguarding relevant electronically stored information (ESI) by capturing and preserving the crime scene, documenting relevant information such as visual images, and how it was obtained

Answer 6

Preservation

Question 7

It is a methodical examination of the evidence of the information gathered. This examination produces data objects, including system and user-generated files, and seeks specific answers and points of departure for conclusions

Answer 7

Analysis

Question 8

These are tried-and-true procedures for documenting the analysis’s conclusions, and they must allow other competent examiners to read through and duplicate the results

Answer 8

Documentation

Question 9

The collection of digital information, which may entail removing electronic devices from the crime/incident scene and copying or printing the device(s), is critical to the investigation.

Answer 9

Presentation

Question 10

It analyzes digital evidence obtained from laptops, computers, and storage media to support ongoing investigations and legal proceedings.

Answer 10

Computer Forensics

Question 11

It entails obtaining evidence from small electronic devices such as personal digital assistants, mobile phones, tablets, sim cards, and gaming consoles.

Answer 11

Mobile Device Forensics

Question 12

Network or cyber forensics depends on the data obtained from monitoring and analyzing cyber network activities such as attacks, breaches, or system collapse caused by malicious software and abnormal network traffic.

Answer 12

Network Forensics

Question 13

This sub-specialty focuses on the extraction and analysis of digital images to verify authenticity and metadata and determine the history and information surrounding them.

Answer 13

Digital Image Forensics

Question 14

This field examines audio-visual evidence to determine its authenticity or any additional information you can extract, such as location and time intervals.

Answer 14

Digital Video/Audio Forensics

Question 15

It refers to the recovery of information from a running computer’s RAM and is also known as live acquisition.

Answer 15

Memory Forensics

Question 16

Challenges in Digital Forensics

Answer 16

• Extracting data from locked, or destroyed computing devices is one of the challenges that digital forensic investigators face
• Finding specific data entries within massive amounts of data stored locally or in the cloud
• Keeping track of the digital chain of custody
• Ensuring data integrity throughout an investigation

Question 17

Advantages of Digital Forensics

Answer 17

*Enables Digital Evidence Analysis
*Aids in the Identification of Criminals
*It Is Capable of Recovering Deleted Data
*Enlightens on How Crimes Are Committed
*It Has the Potential to Be Used to Prevent Future Crimes

Question 18

Disadvantages of Digital Forensics

Answer 18

*Prolonged Procedure
*Requires Specialized Knowledge and Skills
*Can Be Costly
*Obtaining Evidence May Necessitate a Court Order
*Evidence Can Be Easily Destroyed or Manipulate