Difference between revisions of "Techniques"

From ForensicsWiki
Jump to: navigation, search
m
m (wow. Didn't raelize that RFC #### was special in mediawiki)
 
(2 intermediate revisions by 2 users not shown)
Line 4: Line 4:
  
 
* [[Data Reduction]] - By eliminating information that doesn't matter, an investigator is left with information that does matter.
 
* [[Data Reduction]] - By eliminating information that doesn't matter, an investigator is left with information that does matter.
 +
* [[Locard's exchange principle]]
 +
 +
==Guidelines==
 +
* RFC 3227, "Guidelines for Evidence Collection and Archiving," D. Brezinski and T. Killalea, February 2002.

Latest revision as of 11:40, 30 April 2006

Although the techniques for investigating computer forensics are limited only by an investigator's imagination, here are some guidelines on tried and true methodologies.

Techniques

Guidelines

  • RFC 3227, "Guidelines for Evidence Collection and Archiving," D. Brezinski and T. Killalea, February 2002.