Introduction
In this blog, we will discuss Computer Forensics, which is one of the common terms used by law enforcement and many investigation authorities of governments. I am only introducing Computer Forensics using this blog post. By learning about this topic, people will know what things the law enforcement agencies consider crimes, and will be able to protect themselves from becoming a prey to cybercrime.
What is Computer Forensics?
Computer Forensics, or Computer Forensics science, is a branch of the Digital Forensics department. This department handles the process of collecting and retrieving the evidence that may be present in a computer or system-based item. The retrieved data may be considered evidence in all kinds of cases and crime charges, and sometimes this helps people to escape false criminal charges. Even the data from volatile memory will be retrieved using the Forensic method.
Difference from Cybersecurity
Many people will confuse Computer Forensics with Cybersecurity. Cybersecurity is a process of preventing people from committing a crime. On the other hand, Computer Forensics is a process of analyzing a system to find information on it that is a part of a crime.
What is retrievable data?
Most of the data from a system will be retrieved, such as encrypted files, live data of the system using a method called live analysis, relating the series of data found from the different sources, deleted files, steno graphed information and the complete logs of the system.
Conclusion
Even though we are living a mostly safe life in this digital world, it is important to learn about computer forensics to stay safe from crimes and criminals. I wrote this blog post to impart some basic knowledge about what Computer Forensics is. In the future I will write more articles in which I will briefly discuss some of the different methods used by law enforcement agencies.