Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Malware anal 2 > Forensic Process Phases > Flashcards

Forensic Process Phases Flashcards

1
Q

Identification

A

Identification / Seizure phase; primary stage in arrival, identification and evidence collection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Acquisition and Imaging

A

Dig. evidence is acquired, through obtaining a forensic copy or a logocal extraction of data stored on a device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Analysis

A

Includes the processes and procedures performed on evidence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Reporting

A

Includes the documentation and presentation of the analysis findings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Analysis Breakdown

A

Performing link / timeline / file signature analysis

Data carving - reassemble fragmented files in unallocated / free space

Advanced Searches - keywords/watchlists, regular expressions/pattern
analysis, and dates

Background info - first responders / detectives or complainant

Location based data from commercially available tools

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Reporting Findings

A

Report breakdown;
Establishes background,

Documents the evidentiary chain of custody,

Identifies in detail the seized media,

Documents the steps taken to preserve evidence,

Describes processes used to acquire and analyse,

Details findings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Malware anal 2 (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions