Answer the following questions thoroughly.
- Explain how over-reliance on automated programs and self-proclaimed experts pose a problem in computer investigations. How can this problem be overcome?
The answer should include the following points:
Corruption and loss of evidence
Rules of computer investigations
- Define firmware. Describe the bootup sequence of a computer with particular reference to the BIOS found in IBM-compatible personal computers.
The answer should include the following points:
IEEE definition of firmware
Commands executed upon system booting
- Describe the five general categories of data analysis tools. Illustrate with an example how file viewer software is used in child pornography cases.
The answer should include the following points:
Indexing, text searching, viewers, time frame analysis, and application analysis
Example of how file viewers help investigators quickly identify questionable graphics files
- Describe the five categories of software that can be used in computer investigation.