SlideShare une entreprise Scribd logo

Bag and Tag

CTIN
CTIN
TechnologieSanté & Médecine
1  sur  65
Level 1 - Basic Investigations Part 4 – Evidence Collection and Seizure Criminal Justice Training Center
High Tech Evidence Collection and Seizure ,[object Object],[object Object]
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
Identification ,[object Object],[object Object],[object Object]
Identification – General Concepts ,[object Object],[object Object],[object Object],[object Object]
Identification – General Concepts You can take everything, take only what is subject to search warrant or you can take only data. But…
Identification – General Concepts ,[object Object],[object Object],[object Object]
Identification – General Concepts ,[object Object],[object Object]
Identification – Types of Evidence ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Identification – Types of Evidence ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Identification – Types of Evidence ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Identification – Where to Look for It ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Identification – Where to Look For It ,[object Object],[object Object],[object Object],[object Object],[object Object]
Identification – Where to Look For It ,[object Object],[object Object]
Sample Evidence – Tower Computer Case
Sample Evidence - Monitor, Keyboard, and Mouse
Sample Evidence - Computer Media/Storage
Sample Evidence - Computer Media/Storage USB pocket disk 32MB IBM Microdrive 1GB, 500/340 MB
Sample Evidence - Computer Media/Storage “ Thumb Drives” up to 128MB “Disk-on-Key” unit
Sample Evidence - Card Readers USB Pocket DigiDrive. Reads multiple media sources, smart cards etc..
Sample Evidence - Magnetic Readers Mini-Mag Magstripe reader (PMR 102)
Sample Evidence - Computer peripherals
Sample Evidence - Flat Plate Scanner
Sample Evidence - Computer Cases
Sample Evidence - Computer Cases
Sample Evidence Area Sometimes they can never be separated from their computer.
Preservation and Collection ,[object Object],[object Object],[object Object]
Preservation ,[object Object],[object Object]
Preservation ,[object Object],[object Object],[object Object]
Preservation ,[object Object],[object Object],[object Object]
Preservation – Fragility of Evidence ,[object Object],[object Object]
Preservation – Fragility of Evidence ,[object Object],[object Object],[object Object],[object Object]
Preservation – Fragility of Evidence ,[object Object],[object Object]
Preservation – Hacker systems When you have a case involving a computer as the object or means of committing a crime, remember that a program running in memory might be the evidence of your crime.
Preservation – Special Environments ,[object Object],[object Object],[object Object]
Preservation – Basic Rules ,[object Object],[object Object]
Preservation – Basic Rules ,[object Object],[object Object],[object Object]
Preservation – Evaluating Conditions ,[object Object],[object Object],[object Object]
Preservation – Evaluating Conditions ,[object Object],[object Object],[object Object]
Preservation – Evaluating Conditions ,[object Object],[object Object]
Preservation – Evaluating Conditions ,[object Object],[object Object],[object Object]
Preservation – Urban Legend? The possible presence of degaussing (magnets) equipment placed in the crime scene by the suspect. Evidence being lost due the presence of large degaussing hardware hidden in a doorway and operated by a wall switch. Hmm,…not likely.
Collection – Chronological Worksheet ,[object Object],[object Object],[object Object]
Collection – Chronological Worksheet ,[object Object],[object Object],[object Object]
Collection - Photographing ,[object Object],[object Object],[object Object]
Collection - Photographing ,[object Object],[object Object]
It is the small stuff that can create problems sometimes…
Collection - Photographing ,[object Object],[object Object]
Someone wanted this one dead…
Collection ,[object Object],[object Object]
Collection If you are seizing more than one computer system first number the computers and then tag the cables and hardware using the computer number.
Collection - Transport ,[object Object],[object Object]
Collection - Transport ,[object Object],[object Object]
Collection - Transport ,[object Object],[object Object]
Collection - Transport ,[object Object],[object Object]
Collection – Golden Rules ,[object Object],[object Object],[object Object],[object Object]
What is ‘Chain of Evidence’? ,[object Object],[object Object]
Maintaining the Chain of Evidence ,[object Object],[object Object],[object Object]
Presenting the Chain of Evidence ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Presenting the Chain of Evidence ,[object Object],[object Object],[object Object],[object Object]
Presenting the Chain of Evidence ,[object Object],[object Object],[object Object],[object Object]
Evidence Storage Guidelines ,[object Object],[object Object],[object Object],[object Object],[object Object]
Storage Containers ,[object Object],[object Object],[object Object],[object Object],[object Object]
Summary ,[object Object],[object Object],[object Object]
 

Recommandé

Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
Intro to digital forensic imaging
Intro to digital forensic imagingIntro to digital forensic imaging
Intro to digital forensic imagingDetectalix
 
Chaincustody
ChaincustodyChaincustody
ChaincustodyMdu
 
Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsFilip Maertens
 
04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - Notes04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - NotesKranthi
 
Digital forensics
Digital forensics Digital forensics
Digital forensics vishnuv43
 
Lab 1 Bag & Tag (cyber forensics)
Lab 1 Bag & Tag (cyber forensics)Lab 1 Bag & Tag (cyber forensics)
Lab 1 Bag & Tag (cyber forensics)MUSAAB HASAN
 
Tracking Emails
Tracking EmailsTracking Emails
Tracking Emailsprashant3535
 

Recommandé

Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
Intro to digital forensic imaging
Intro to digital forensic imagingIntro to digital forensic imaging
Intro to digital forensic imagingDetectalix
 
Chaincustody
ChaincustodyChaincustody
ChaincustodyMdu
 
Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsFilip Maertens
 
04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - Notes04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - NotesKranthi
 
Digital forensics
Digital forensics Digital forensics
Digital forensics vishnuv43
 
Lab 1 Bag & Tag (cyber forensics)
Lab 1 Bag & Tag (cyber forensics)Lab 1 Bag & Tag (cyber forensics)
Lab 1 Bag & Tag (cyber forensics)MUSAAB HASAN
 
Tracking Emails
Tracking EmailsTracking Emails
Tracking Emailsprashant3535
 
Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidenceOnline
 
Forensic imaging
Forensic imagingForensic imaging
Forensic imagingDINESH KAMBLE
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsOldsun
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptxAmbuj Kumar
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsRamesh Ogania
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)AltheimPrivacy
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsOne97 Communications Limited
 
Email recovery
Email recoveryEmail recovery
Email recoveryPalash Mehar
 
photography, forensic photography and its explanation
photography, forensic photography and its explanationphotography, forensic photography and its explanation
photography, forensic photography and its explanationHemant Jain
 
Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Sagar Rahurkar
 
Forensic Chemistry - Petroleum products
Forensic Chemistry - Petroleum productsForensic Chemistry - Petroleum products
Forensic Chemistry - Petroleum productsjeremiah_justus
 
Electornic evidence collection
Electornic evidence collectionElectornic evidence collection
Electornic evidence collectionFakrul Alam
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
Forensic Chemistry - Explosives
Forensic Chemistry - ExplosivesForensic Chemistry - Explosives
Forensic Chemistry - Explosivesjeremiah_justus
 
Digital forensics
Digital forensicsDigital forensics
Digital forensicsVidoushi B-Somrah
 
Admissibility of forensic evidence in the court of law
Admissibility of forensic evidence in the court of lawAdmissibility of forensic evidence in the court of law
Admissibility of forensic evidence in the court of lawRajshree Sable
 
5W & 1H In the crime scene
5W & 1H In the crime scene 5W & 1H In the crime scene
5W & 1H In the crime scene Applied Forensic Research Sciences
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic pptSuchita Rawat
 
GUN POWDER
GUN POWDERGUN POWDER
GUN POWDERNafeeyabano
 
Forensic[1]
Forensic[1]Forensic[1]
Forensic[1]gandhiofindia free
 
Primera carrera ucv 10 y 5 km copa direccion deporte
Primera carrera ucv 10 y 5 km copa direccion deportePrimera carrera ucv 10 y 5 km copa direccion deporte
Primera carrera ucv 10 y 5 km copa direccion deporteCarreraycaminataUCV
 
Pasantia
PasantiaPasantia
PasantiaMiilhe Bernal
 

Contenu connexe

Tendances

Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidenceOnline
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsOldsun
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptxAmbuj Kumar
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)AltheimPrivacy
 
photography, forensic photography and its explanation
photography, forensic photography and its explanationphotography, forensic photography and its explanation
photography, forensic photography and its explanationHemant Jain
 
Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Sagar Rahurkar
 
Forensic Chemistry - Petroleum products
Forensic Chemistry - Petroleum productsForensic Chemistry - Petroleum products
Forensic Chemistry - Petroleum productsjeremiah_justus
 
Electornic evidence collection
Electornic evidence collectionElectornic evidence collection
Electornic evidence collectionFakrul Alam
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
Forensic Chemistry - Explosives
Forensic Chemistry - ExplosivesForensic Chemistry - Explosives
Forensic Chemistry - Explosivesjeremiah_justus
 
Admissibility of forensic evidence in the court of law
Admissibility of forensic evidence in the court of lawAdmissibility of forensic evidence in the court of law
Admissibility of forensic evidence in the court of lawRajshree Sable
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic pptSuchita Rawat
 

Tendances (20)

Collecting and preserving digital evidence
Collecting and preserving digital evidenceCollecting and preserving digital evidence
Collecting and preserving digital evidence
 
Forensic imaging
Forensic imagingForensic imaging
Forensic imaging
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptx
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Email recovery
Email recoveryEmail recovery
Email recovery
 
photography, forensic photography and its explanation
photography, forensic photography and its explanationphotography, forensic photography and its explanation
photography, forensic photography and its explanation
 
Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...
 
Forensic Chemistry - Petroleum products
Forensic Chemistry - Petroleum productsForensic Chemistry - Petroleum products
Forensic Chemistry - Petroleum products
 
Electornic evidence collection
Electornic evidence collectionElectornic evidence collection
Electornic evidence collection
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidence
 
Forensic Chemistry - Explosives
Forensic Chemistry - ExplosivesForensic Chemistry - Explosives
Forensic Chemistry - Explosives
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Admissibility of forensic evidence in the court of law
Admissibility of forensic evidence in the court of lawAdmissibility of forensic evidence in the court of law
Admissibility of forensic evidence in the court of law
 
5W & 1H In the crime scene
5W & 1H In the crime scene 5W & 1H In the crime scene
5W & 1H In the crime scene
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic ppt
 
GUN POWDER
GUN POWDERGUN POWDER
GUN POWDER
 
Forensic[1]
Forensic[1]Forensic[1]
Forensic[1]
 

En vedette

Primera carrera ucv 10 y 5 km copa direccion deporte
Primera carrera ucv 10 y 5 km copa direccion deportePrimera carrera ucv 10 y 5 km copa direccion deporte
Primera carrera ucv 10 y 5 km copa direccion deporteCarreraycaminataUCV
 
Evidence Seizure Ctin Version Draft Sent To Sandy For Polishing
Evidence Seizure Ctin Version Draft Sent To Sandy For PolishingEvidence Seizure Ctin Version Draft Sent To Sandy For Polishing
Evidence Seizure Ctin Version Draft Sent To Sandy For PolishingCTIN
 
Prezentare a agentiei Connect Promotion
Prezentare a agentiei Connect PromotionPrezentare a agentiei Connect Promotion
Prezentare a agentiei Connect PromotionAlin Stoica
 
Mi contexto de formacion
Mi contexto de formacionMi contexto de formacion
Mi contexto de formaciongabriela2018
 
Level1 Part8 End Of The Day
Level1 Part8 End Of The DayLevel1 Part8 End Of The Day
Level1 Part8 End Of The DayCTIN
 
Corporate Public Investigations
Corporate Public InvestigationsCorporate Public Investigations
Corporate Public InvestigationsCTIN
 
Douville Resume Generic
Douville Resume GenericDouville Resume Generic
Douville Resume GenericSean Douville
 
K Ai
K AiK Ai
K AiCTIN
 
Gestion de talento humano
Gestion de talento humanoGestion de talento humano
Gestion de talento humanoMiilhe Bernal
 
Gerencia estrategica en Pymes
Gerencia estrategica en PymesGerencia estrategica en Pymes
Gerencia estrategica en PymesRamiro Arteaga
 
Mathematical modeling in the diagnosis of cancer
Mathematical modeling in the diagnosis of cancerMathematical modeling in the diagnosis of cancer
Mathematical modeling in the diagnosis of cancerHimani Asija
 

En vedette (17)

Primera carrera ucv 10 y 5 km copa direccion deporte
Primera carrera ucv 10 y 5 km copa direccion deportePrimera carrera ucv 10 y 5 km copa direccion deporte
Primera carrera ucv 10 y 5 km copa direccion deporte
 
Pasantia
PasantiaPasantia
Pasantia
 
Shase - profile
Shase - profileShase - profile
Shase - profile
 
Page0001
Page0001Page0001
Page0001
 
Evidence Seizure Ctin Version Draft Sent To Sandy For Polishing
Evidence Seizure Ctin Version Draft Sent To Sandy For PolishingEvidence Seizure Ctin Version Draft Sent To Sandy For Polishing
Evidence Seizure Ctin Version Draft Sent To Sandy For Polishing
 
Prezentare a agentiei Connect Promotion
Prezentare a agentiei Connect PromotionPrezentare a agentiei Connect Promotion
Prezentare a agentiei Connect Promotion
 
Mi contexto de formacion
Mi contexto de formacionMi contexto de formacion
Mi contexto de formacion
 
Level1 Part8 End Of The Day
Level1 Part8 End Of The DayLevel1 Part8 End Of The Day
Level1 Part8 End Of The Day
 
Gestion del Talento
Gestion del TalentoGestion del Talento
Gestion del Talento
 
Corporate Public Investigations
Corporate Public InvestigationsCorporate Public Investigations
Corporate Public Investigations
 
Douville Resume Generic
Douville Resume GenericDouville Resume Generic
Douville Resume Generic
 
In thenameofallah
In thenameofallahIn thenameofallah
In thenameofallah
 
K Ai
K AiK Ai
K Ai
 
Gestion de talento humano
Gestion de talento humanoGestion de talento humano
Gestion de talento humano
 
Gerencia estrategica en Pymes
Gerencia estrategica en PymesGerencia estrategica en Pymes
Gerencia estrategica en Pymes
 
S ramanujan
S ramanujanS ramanujan
S ramanujan
 
Mathematical modeling in the diagnosis of cancer
Mathematical modeling in the diagnosis of cancerMathematical modeling in the diagnosis of cancer
Mathematical modeling in the diagnosis of cancer
 

Similaire à Bag and Tag

Evidence Seizure Sandyb
Evidence Seizure SandybEvidence Seizure Sandyb
Evidence Seizure SandybCTIN
 
Evidence Seizure Level One
Evidence Seizure Level OneEvidence Seizure Level One
Evidence Seizure Level OneCTIN
 
Evidence Seizure Ctin Version Draft
Evidence Seizure Ctin Version DraftEvidence Seizure Ctin Version Draft
Evidence Seizure Ctin Version DraftCTIN
 
Evidence Seizure
Evidence SeizureEvidence Seizure
Evidence SeizureCTIN
 
2022-05-12 Live Forensics for Law Enforcement @UniPD
2022-05-12 Live Forensics for Law Enforcement @UniPD2022-05-12 Live Forensics for Law Enforcement @UniPD
2022-05-12 Live Forensics for Law Enforcement @UniPDDavide Gabrini
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDr Raghu Khimani
 
Digital Forensics Workshop
Digital Forensics WorkshopDigital Forensics Workshop
Digital Forensics WorkshopTim Fletcher
 
Search & Seizure of Electronic Evidence by Pelorus Technologies
Search & Seizure of Electronic Evidence by Pelorus TechnologiesSearch & Seizure of Electronic Evidence by Pelorus Technologies
Search & Seizure of Electronic Evidence by Pelorus Technologiesurjarathi
 
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptx
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptxBASICS OF INVESTIGATION OF CYBER CRIME CASES.pptx
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptxALISHAARORA31
 
Introduction To Forensic Methodologies
Introduction To Forensic MethodologiesIntroduction To Forensic Methodologies
Introduction To Forensic MethodologiesLedjit
 
CS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IVCS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IVArthyR3
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsLalit Garg
 
computer forensics, involves the preservation, identification, extraction, an...
computer forensics, involves the preservation, identification, extraction, an...computer forensics, involves the preservation, identification, extraction, an...
computer forensics, involves the preservation, identification, extraction, an...pable2
 
Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Muzzammil Wani
 
Digital Evidence - the defence, prosecution, & the court
Digital Evidence - the defence, prosecution, & the courtDigital Evidence - the defence, prosecution, & the court
Digital Evidence - the defence, prosecution, & the courtCell Site Analysis (CSA)
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Computer forensics Slides
Computer forensics SlidesComputer forensics Slides
Computer forensics SlidesVarun Sehgal
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Best Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec SolutionsBest Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec SolutionsFORnSECSolutions
 

Similaire à Bag and Tag (20)

Evidence Seizure Sandyb
Evidence Seizure SandybEvidence Seizure Sandyb
Evidence Seizure Sandyb
 
Evidence Seizure Level One
Evidence Seizure Level OneEvidence Seizure Level One
Evidence Seizure Level One
 
Evidence Seizure Ctin Version Draft
Evidence Seizure Ctin Version DraftEvidence Seizure Ctin Version Draft
Evidence Seizure Ctin Version Draft
 
Evidence Seizure
Evidence SeizureEvidence Seizure
Evidence Seizure
 
2022-05-12 Live Forensics for Law Enforcement @UniPD
2022-05-12 Live Forensics for Law Enforcement @UniPD2022-05-12 Live Forensics for Law Enforcement @UniPD
2022-05-12 Live Forensics for Law Enforcement @UniPD
 
Cyber Crime Evidence Collection Ifsa 2009
Cyber Crime Evidence Collection Ifsa 2009Cyber Crime Evidence Collection Ifsa 2009
Cyber Crime Evidence Collection Ifsa 2009
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu Khimani
 
Digital Forensics Workshop
Digital Forensics WorkshopDigital Forensics Workshop
Digital Forensics Workshop
 
Search & Seizure of Electronic Evidence by Pelorus Technologies
Search & Seizure of Electronic Evidence by Pelorus TechnologiesSearch & Seizure of Electronic Evidence by Pelorus Technologies
Search & Seizure of Electronic Evidence by Pelorus Technologies
 
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptx
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptxBASICS OF INVESTIGATION OF CYBER CRIME CASES.pptx
BASICS OF INVESTIGATION OF CYBER CRIME CASES.pptx
 
Introduction To Forensic Methodologies
Introduction To Forensic MethodologiesIntroduction To Forensic Methodologies
Introduction To Forensic Methodologies
 
CS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IVCS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IV
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
computer forensics, involves the preservation, identification, extraction, an...
computer forensics, involves the preservation, identification, extraction, an...computer forensics, involves the preservation, identification, extraction, an...
computer forensics, involves the preservation, identification, extraction, an...
 
Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014
 
Digital Evidence - the defence, prosecution, & the court
Digital Evidence - the defence, prosecution, & the courtDigital Evidence - the defence, prosecution, & the court
Digital Evidence - the defence, prosecution, & the court
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
 
Computer forensics Slides
Computer forensics SlidesComputer forensics Slides
Computer forensics Slides
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
 
Best Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec SolutionsBest Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec Solutions
 

Plus de CTIN

Mounting virtual hard drives
Mounting virtual hard drivesMounting virtual hard drives
Mounting virtual hard drivesCTIN
 
Open Source Forensics
Open Source ForensicsOpen Source Forensics
Open Source ForensicsCTIN
 
Encase V7 Presented by Guidance Software august 2011
Encase V7 Presented by Guidance Software august 2011Encase V7 Presented by Guidance Software august 2011
Encase V7 Presented by Guidance Software august 2011CTIN
 
Windows 7 forensics -overview-r3
Windows 7 forensics -overview-r3Windows 7 forensics -overview-r3
Windows 7 forensics -overview-r3CTIN
 
Windows 7 forensics event logs-dtl-r3
Windows 7 forensics event logs-dtl-r3Windows 7 forensics event logs-dtl-r3
Windows 7 forensics event logs-dtl-r3CTIN
 
Msra 2011 windows7 forensics-troyla
Msra 2011 windows7 forensics-troylaMsra 2011 windows7 forensics-troyla
Msra 2011 windows7 forensics-troylaCTIN
 
Windows 7 forensics thumbnail-dtl-r4
Windows 7 forensics thumbnail-dtl-r4Windows 7 forensics thumbnail-dtl-r4
Windows 7 forensics thumbnail-dtl-r4CTIN
 
Windows 7 forensics jump lists-rv3-public
Windows 7 forensics jump lists-rv3-publicWindows 7 forensics jump lists-rv3-public
Windows 7 forensics jump lists-rv3-publicCTIN
 
Time Stamp Analysis of Windows Systems
Time Stamp Analysis of Windows SystemsTime Stamp Analysis of Windows Systems
Time Stamp Analysis of Windows SystemsCTIN
 
Vista Forensics
Vista ForensicsVista Forensics
Vista ForensicsCTIN
 
Mac Forensics
Mac ForensicsMac Forensics
Mac ForensicsCTIN
 
Nra
NraNra
NraCTIN
 
Live Forensics
Live ForensicsLive Forensics
Live ForensicsCTIN
 
Translating Geek To Attorneys It Security
Translating Geek To Attorneys It SecurityTranslating Geek To Attorneys It Security
Translating Geek To Attorneys It SecurityCTIN
 
Edrm
EdrmEdrm
EdrmCTIN
 
Computer Searchs, Electronic Communication, Computer Trespass
Computer Searchs, Electronic Communication, Computer TrespassComputer Searchs, Electronic Communication, Computer Trespass
Computer Searchs, Electronic Communication, Computer TrespassCTIN
 
CyberCrime
CyberCrimeCyberCrime
CyberCrimeCTIN
 
Search Warrants
Search WarrantsSearch Warrants
Search WarrantsCTIN
 
Part6 Private Sector Concerns
Part6 Private Sector ConcernsPart6 Private Sector Concerns
Part6 Private Sector ConcernsCTIN
 
Sadfe2007
Sadfe2007Sadfe2007
Sadfe2007CTIN
 

Plus de CTIN (20)

Mounting virtual hard drives
Mounting virtual hard drivesMounting virtual hard drives
Mounting virtual hard drives
 
Open Source Forensics
Open Source ForensicsOpen Source Forensics
Open Source Forensics
 
Encase V7 Presented by Guidance Software august 2011
Encase V7 Presented by Guidance Software august 2011Encase V7 Presented by Guidance Software august 2011
Encase V7 Presented by Guidance Software august 2011
 
Windows 7 forensics -overview-r3
Windows 7 forensics -overview-r3Windows 7 forensics -overview-r3
Windows 7 forensics -overview-r3
 
Windows 7 forensics event logs-dtl-r3
Windows 7 forensics event logs-dtl-r3Windows 7 forensics event logs-dtl-r3
Windows 7 forensics event logs-dtl-r3
 
Msra 2011 windows7 forensics-troyla
Msra 2011 windows7 forensics-troylaMsra 2011 windows7 forensics-troyla
Msra 2011 windows7 forensics-troyla
 
Windows 7 forensics thumbnail-dtl-r4
Windows 7 forensics thumbnail-dtl-r4Windows 7 forensics thumbnail-dtl-r4
Windows 7 forensics thumbnail-dtl-r4
 
Windows 7 forensics jump lists-rv3-public
Windows 7 forensics jump lists-rv3-publicWindows 7 forensics jump lists-rv3-public
Windows 7 forensics jump lists-rv3-public
 
Time Stamp Analysis of Windows Systems
Time Stamp Analysis of Windows SystemsTime Stamp Analysis of Windows Systems
Time Stamp Analysis of Windows Systems
 
Vista Forensics
Vista ForensicsVista Forensics
Vista Forensics
 
Mac Forensics
Mac ForensicsMac Forensics
Mac Forensics
 
Nra
NraNra
Nra
 
Live Forensics
Live ForensicsLive Forensics
Live Forensics
 
Translating Geek To Attorneys It Security
Translating Geek To Attorneys It SecurityTranslating Geek To Attorneys It Security
Translating Geek To Attorneys It Security
 
Edrm
EdrmEdrm
Edrm
 
Computer Searchs, Electronic Communication, Computer Trespass
Computer Searchs, Electronic Communication, Computer TrespassComputer Searchs, Electronic Communication, Computer Trespass
Computer Searchs, Electronic Communication, Computer Trespass
 
CyberCrime
CyberCrimeCyberCrime
CyberCrime
 
Search Warrants
Search WarrantsSearch Warrants
Search Warrants
 
Part6 Private Sector Concerns
Part6 Private Sector ConcernsPart6 Private Sector Concerns
Part6 Private Sector Concerns
 
Sadfe2007
Sadfe2007Sadfe2007
Sadfe2007
 

Dernier

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 

Dernier (20)

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 

Bag and Tag

  • 1. Level 1 - Basic Investigations Part 4 – Evidence Collection and Seizure Criminal Justice Training Center
  • 2.
  • 3.
  • 4.
  • 5.
  • 6. Identification – General Concepts You can take everything, take only what is subject to search warrant or you can take only data. But…
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15. Sample Evidence – Tower Computer Case
  • 16. Sample Evidence - Monitor, Keyboard, and Mouse
  • 17. Sample Evidence - Computer Media/Storage
  • 18. Sample Evidence - Computer Media/Storage USB pocket disk 32MB IBM Microdrive 1GB, 500/340 MB
  • 19. Sample Evidence - Computer Media/Storage “ Thumb Drives” up to 128MB “Disk-on-Key” unit
  • 20. Sample Evidence - Card Readers USB Pocket DigiDrive. Reads multiple media sources, smart cards etc..
  • 21. Sample Evidence - Magnetic Readers Mini-Mag Magstripe reader (PMR 102)
  • 22. Sample Evidence - Computer peripherals
  • 23. Sample Evidence - Flat Plate Scanner
  • 24. Sample Evidence - Computer Cases
  • 25. Sample Evidence - Computer Cases
  • 26. Sample Evidence Area Sometimes they can never be separated from their computer.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34. Preservation – Hacker systems When you have a case involving a computer as the object or means of committing a crime, remember that a program running in memory might be the evidence of your crime.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41.
  • 42. Preservation – Urban Legend? The possible presence of degaussing (magnets) equipment placed in the crime scene by the suspect. Evidence being lost due the presence of large degaussing hardware hidden in a doorway and operated by a wall switch. Hmm,…not likely.
  • 43.
  • 44.
  • 45.
  • 46.
  • 47. It is the small stuff that can create problems sometimes…
  • 48.
  • 49. Someone wanted this one dead…
  • 50.
  • 51. Collection If you are seizing more than one computer system first number the computers and then tag the cables and hardware using the computer number.
  • 52.
  • 53.
  • 54.
  • 55.
  • 56.
  • 57.
  • 58.
  • 59.
  • 60.
  • 61.
  • 62.
  • 63.
  • 64.
  • 65.