Forensic computing Essay Example | Topics and Well Written Essays - 1250 words

Forensic computing - Essay ExampleA user female genitals use criteria such as size, filename, creation and modified dates in positioning files. The search results returned by OS forensics are made available in different views which let in the timeline view, thumbnail view and file listing (Beijnum, 2009, p. 23). This helps the user determine the ideal of activity on the computer and know where significant file change occurred. Besides locating the files, this tool can go further to search at heart contents of each file for a full psychoanalysis. OS forensics has a powerful pre-indexed search capability that offers full text search to hundreds of file formats. below is a list of what results OS forensics can offer Highlighting Wildcard searches Relevance ranked search results Exclusion searches Date sorting or date appreciation searching Exact phrase matching Google-like context results File listing view of search results The file formats that can be indexed by OS forensics inc lude RTF, WPD, SWF, DJVU, DOC, PDF, PPT, XLS, JPG, GIF, PNG, TIFF, XLSX, MHT, ZIP, MP3, DWF, DOCX, PPTX and more. In addition, it has a feature that helps analyze files so as to determine their file type if they lack file extension. The advanced hashing algorithm in OS forensics can help create a unique fingerprint that is used to identify a file. OS forensics can help the investigator to organize the testify discovered into a cryptographically secure single file. The expert can add more results and evidence to the case file for future reference and analysis and be confident that the case file cannot be tampered with. Case management helps the user to organize and aggregate case items and results from OS forensics. An advantage of this software is that it can be installed and run from a USB flash drive thus helps you in keeping your investigation tools and reports with you when you are mobile (Cansolvo & Scholtz, 2004, p. 85). A user should avoid installment any software on the ta rget machine so as to avoid the risk of unintentionally overwriting or deleting valuable forensic data left wing by the suspect. With OS forensics, the computer expert can export case files as customizable and accessible reports that show all the evidence gathered. This feature helps to deliver a summary of readable forensic findings to law enforcement agents or clients at any time during the investigation. OS forensics can be used to retrieve e-mail messages direct from their archives without the need to install email client programs such as thunderbird or Outlook (Dimitrova, Bellotti, Lozanova & Roumenin, 2011). It reads directly into the archive and displays everything from message headers, HTML, Rich Text stage and regular Text. Supported file formats are Mbox for thunderbird, UNIX mail, Eudora and more. Pst for outlook. Msg for outlook. Dbx for outlook express. Eml for outlook express. All the attachments associated with the specified email can be extracted too. Email search ing functionality insert in OS forensics can be used to quickly search across all the content in the emails archive effectively. OS forensics Email Viewer The forensic value of carrying out the processes described above may vary depending on various factors such as who needs the training and for what purpose is the information in question needed (Lin & Stead, 2009, p. 67). This valuable