4
DIGITAL FORENSICS AND INFORMATION SECURITY
For this SLP, the object is to review digital hardware tools for performing forensic analysis of digital information in a small organization. The tools should be able to copy the contents of a hard drive, find and recover files deleted from a hard drive, determine history of web sites visited, search a computer’s hard drive for key words, compare contents of files on the computer’s hard drive, copy contents of other storage devices, and log the activities performed.
Here are some tools to evaluate:
AccessData FTK Imager
AccessData Forensic Toolkit
EnCase
ProDiscover
DFF, https://tools.kali.org/forensics/dff
Once you have explored two of the tools, answer the following questions in 2-3 pages:
· Provide a brief description of the tool and what it is supposed to do
· Explain how it might help forensic operations in finding evidence for digital crimes
· Describe the possible advantages of using this tool
· Describe the possible drawbacks of using this tool
· Provide an example of its application.