McGraw-Hill 10-1. 10 McGraw-Hill Systems Analysis & Programming.
Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill...
-
date post
20-Dec-2015 -
Category
Documents
-
view
213 -
download
1
Transcript of Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill...
![Page 1: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/1.jpg)
Extended Learning Module HComputer Crime and Digital Forensics
Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin
![Page 2: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/2.jpg)
STUDENT LEARNING OUTCOMES
1. Define computer crime and list three types of computer crime that can be perpetrated from inside and three from outside the organization
2. Identify the seven types of hackers and explain what motivates each group
3. Define digital forensics and describe the two phases of a forensic investigation
Mod H-2
![Page 3: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/3.jpg)
STUDENT LEARNING OUTCOMES
4. Describe what is meant by anti-forensics, and give an example of each of the three types
5. Describe two ways in which corporations use digital forensics
Mod H-3
![Page 4: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/4.jpg)
INTRODUCTION
Computers are involved in crime in two ways 1. 2.
Computer crimes can be committed 1.
2.
Mod H-4
![Page 5: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/5.jpg)
MODULE ORGANIZATION
1. Computer Crime Learning Outcomes #1 & #2
2. Digital Forensics Learning Outcome #3
3. Recovery and Interpretation Learning Outcome #4
4. Who Needs Digital Forensic Investigators? Learning Outcome #5
Mod H-5
![Page 6: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/6.jpg)
COMPUTER CRIME
Computer crime
Mod H-6
![Page 7: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/7.jpg)
Examples of Computer Crimes
Mod H-7
![Page 8: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/8.jpg)
Crimes in Which Computers Usually Play a Part
Mod H-8
![Page 9: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/9.jpg)
Outside the Organization
In 2006 the greatest financial loss stemmed from
Mod H-9
![Page 10: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/10.jpg)
Types of Malware
Malware – software designed to harm you computer or computer security 1. 2. 3.
Types of Malware 1. 2. 3.
Mod H-10
![Page 11: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/11.jpg)
Viruses
Computer virus (virus)
Worm
Mod H-11
![Page 12: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/12.jpg)
Recent Problems
The most common type of worm was a botnet in 2007 and 2008
Botnet
A botnet can 1. 2. 3.
Mod H-12
![Page 13: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/13.jpg)
The Love Bug Worm
Mod H-13
![Page 14: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/14.jpg)
Stand-Alone Viruses
Spoofing
Klez family of worms
Mod H-14
![Page 15: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/15.jpg)
Trojan Horse Viruses
Trojan horse virus
Examples: Key logger (key trapper) software
Ping-of-Death DoS attack
Mod H-15
![Page 16: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/16.jpg)
Misleading E-mail: Virus Hoax
Objective is to cause damage to your system Virus hoax is an e-mail telling you of a non-
existent virus 1.
2.
Mod H-16
![Page 17: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/17.jpg)
Denial-of-Service Attacks
Denial-of-Service (DoS) attack
Mod H-17
![Page 18: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/18.jpg)
Distributed DoS
Distributed denial-of-service attack (DDoS)
Mod H-18
![Page 19: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/19.jpg)
Distributed Denial-of-Service Attack
Mod H-19
![Page 20: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/20.jpg)
Malware Bots
Bot
Malware bots
Zombies (or drones)
Mod H-20
![Page 21: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/21.jpg)
Rootkits
Rootkit
Mod H-21
![Page 22: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/22.jpg)
Web Defacing
Web defacing
Mod H-22
![Page 23: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/23.jpg)
Players
Hackers
Thrill-seeker hackers
White-hat (ethical) hackers
Mod H-23
![Page 24: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/24.jpg)
Players
Black hat hackers
Crackers
Social engineering
Mod H-24
![Page 25: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/25.jpg)
Players
Hacktivists
Cyberterrorists
Mod H-25
![Page 26: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/26.jpg)
Players
Script kiddies (or bunnies)
Mod H-26
![Page 27: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/27.jpg)
DIGITAL FORENSICS
Digital forensics
Two phases 1.
2.
Mod H-27
![Page 28: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/28.jpg)
Phase 1: Collection – Places to look for Electronic Evidence
Mod H-28
![Page 29: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/29.jpg)
Phase 1: Preservation
If possible, hard disk is removed without turning computer on
Special forensics computer is used to ensure that nothing is written to drive
Forensic image copy
Mod H-29
![Page 30: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/30.jpg)
Phase 1: Authentication
Authentication process necessary for ensuring that no evidence was planted or destroyed
MD5 hash value
Mod H-30
![Page 31: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/31.jpg)
Forensic Hardware and Software Tools
Forensics computers usually have a lot of RAM and very fast processors
EnCase – software that finds all information on disks
Quick View Plus and Conversions Plus – read files in many formats
Mailbag Assistant – reads most e-mail
Mod H-31
![Page 32: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/32.jpg)
Forensics Hardware and Software Tools
Gargoyle – software that identifies encrypted files and may decrypt them
Irfan View – reads image files Ingenium – semantic analysis software that
searches for meaning rather than an exact match
Mod H-32
![Page 33: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/33.jpg)
Cell Phones
In 2004 - 200 countries with more than 1.5 billion users of GSM cell phones (Cingular and most of Europe)
Cell phones can be used for Illegal drug deals Storing stolen data Fraudulently securing goods and services Setting off explosives
Mod H-33
![Page 34: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/34.jpg)
Cell Phones and Other Handheld Devices Files Can Be Recovered from…
Mod H-34
![Page 35: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/35.jpg)
Phase 2: Analysis
Mod H-35
![Page 36: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/36.jpg)
Where Data is Hiding
Mod H-36
![Page 37: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/37.jpg)
History of Disk Activity
Mod H-37
![Page 38: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/38.jpg)
Live Analysis
Mod H-38
![Page 39: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/39.jpg)
RECOVERY AND INTERPRETATION
Mod H-39
![Page 40: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/40.jpg)
E-Mail between engineers about the Spaceship Columbia
Mod H-40
![Page 41: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/41.jpg)
E-Mail between Enron and Andersen Consulting
Mod H-41
![Page 42: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/42.jpg)
E-Mail from Arresting Officer in the Rodney King Beating
Mod H-42
![Page 43: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/43.jpg)
Internal E-Mail from Bill Gates to Microsoft Employee
Mod H-43
![Page 44: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/44.jpg)
Places to Look for Useful Information
Deleted files and slack space Slack space
System and registry files
Mod H-44
![Page 45: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/45.jpg)
Places to Look for Useful Information
Unallocated space
Mod H-45
![Page 46: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/46.jpg)
Anti-Forensics
New branch of digital forensics Set of tools and activities that make it hard or
impossible to track user activity Three categories
1.
2.
3.
Mod H-46
![Page 47: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/47.jpg)
Configuration Settings Examples:
Use Shift + Delete to bypass the recycle bin Rename the file with a different extension Clear out virtual memory Use Defrag to rearrange data on the hard
disk and overwrite deleted files Use Disk Cleanup to delete ActiveX controls
and Java applets
Mod H-47
![Page 48: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/48.jpg)
Configuration Settings Examples:
Delete temporary Internet files Hide information by making it invisible with
Hidden feature in Word or Excel Redact – black out portions of a document Protect your files with passwords
Mod H-48
![Page 49: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/49.jpg)
Configuration Settings Examples:
Make the information invisible Use Windows to hide files Protect file with password
Mod H-49
![Page 50: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/50.jpg)
Third-Party Tools to
Alter your registry Hide Excel files inside Word documents and
visa versa Change the properties like creation date in
Windows Replace disk contents with 1’s and 0’s –
called wiping programs
Mod H-50
![Page 51: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/51.jpg)
Third Party Tools
Encryption
Steganography
U3 Smart drive
Mod H-51
![Page 52: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/52.jpg)
Forensic Defeating Software
Software on the market specially designed to evade forensic examination
Such software would include programs to remove data in slack space data in cache memory cookies, Internet files, Google search history, etc.
Mod H-52
![Page 53: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/53.jpg)
WHO NEEDS DIGITAL FORENSICS INVESTIGATORS?
Digital forensics is used in
Mod H-53
![Page 54: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/54.jpg)
Organizations Use Digital Forensics in Two Ways
1.
2.
Mod H-54
![Page 55: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/55.jpg)
Proactive Education to Educate Employees
Proactive Education for Problem Prevention What to do and not to do with computer
resources such as 1.
2.
3.
Mod H-55
![Page 56: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/56.jpg)
Reactive Digital forensics for Incident Response
What to do if wrong-doing is suspected and how to investigate it Encouraged by the Sarbanes-Oxley Act, which
expressly requires implementation of policies to prevent illegal activity and to investigate allegations promptly
Mod H-56
![Page 57: Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.](https://reader035.fdocuments.in/reader035/viewer/2022081519/56649d4b5503460f94a28b7b/html5/thumbnails/57.jpg)
A Day in the Life…
As a digital forensics expert you must Know a lot about computers and how they work Keep learning Have infinite patience Be detail-oriented Be good at explaining how computers work Be able to stay cool and think on your feet
Mod H-57