ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between revisions of "Techniques"

From ForensicsWiki
Jump to: navigation, search
 
m (wow. Didn't raelize that RFC #### was special in mediawiki)
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Although the methods for investigating computer forensics are limited only by an investigator's imagination, here are some guidelines on tried and true methodologies.
+
Although the '''techniques''' for investigating [[computer forensics]] are limited only by an [[investigator]]'s imagination, here are some guidelines on tried and true methodologies.
  
 +
== Techniques ==
  
[[Data Reduction]] - By eliminating information that doesn't matter, an investigator is left with information that does matter.
+
* [[Data Reduction]] - By eliminating information that doesn't matter, an investigator is left with information that does matter.
 +
* [[Locard's exchange principle]]
 +
 
 +
==Guidelines==
 +
* RFC 3227, "Guidelines for Evidence Collection and Archiving," D. Brezinski and T. Killalea, February 2002.

Latest revision as of 15:40, 30 April 2006

Although the techniques for investigating computer forensics are limited only by an investigator's imagination, here are some guidelines on tried and true methodologies.

Techniques

Guidelines

  • RFC 3227, "Guidelines for Evidence Collection and Archiving," D. Brezinski and T. Killalea, February 2002.