Abstract
The chapter discusses the digital forensics and analyzes data. Digital forensics is the most intricate part of the cyber crime investigation process. It is often where the strongest evidence comes from. Digital forensics is the scientific acquisition, analysis, and preservation of data contained in electronic media whose information can be used as evidence in a court of law. Traditional digital forensics started with the seizure of a computer or some media. The drives and media were duplicated in a forensically sound manner bit by bit. Traditional digital forensics can be broken down into four phases: collection, examination, analysis, and reporting. Collection is the preservation of evidence for analysis. Current best practices state that digital evidence needs to be an exact copy or normally a bit stream copy or bit-for-bit duplication—of the original media. Examination consists of the methodical sifting and combing of the data. It may consist of examining dates, metadata, images, document content, and so on.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
