80 likes | 342 Vues
Forensics. Jeff Wang Code 610.2 Mentor: John Zhu (IT Support). Computer Forensics. Forensics is the application of science to answer questions to a legal system Computer forensics pertains to legal evidence found in computers and other digital storage mediums. Responsibilities.
E N D
Forensics Jeff Wang Code 610.2 Mentor: John Zhu (IT Support)
Computer Forensics • Forensics is the application of science to answer questions to a legal system • Computer forensics pertains to legal evidence found in computers and other digital storage mediums
Responsibilities • To recover data in the event of a hardware or software failure • To gather evidence against an employee that an company wishes to terminate • To gain information about how computer systems work for the purpose of debugging or performance optimization
Tools of the trade • FTK (Forensic Toolkit) – scans hard drives looking for various information • Encase – images storage medias, examines files stored on the media • Examines parts of storage media that are not normally accessible by users
Summary of what I did • Wipeout data on old storage medias (such as hard drives and tapes) so they can be thrown out • Remove all important from HDD so they can be reused • Help users retrieve data that they may have deleted • Help maintain network security
How they can use forensics to improve IT support • Use forensic tool to recover data in the event a user deletes date by mistake or in the event of a hardware failure • Use tools to thoroughly wipeout sensitive data off storage medias • Use the tools to crack passwords