Page 57 - cyber law new
P. 57
17MCSC09 CYBER SECURITY AND CYBER LAW
used as evidence in that particular case. Meanwhile, it is a part of computer forensics
where some special techniques have been use for preserving, identification, analysis,
examination, authentication, interpretation and documentation of digital information.
Computer forensics is a mandatory process in the field of investigation where digital Notes
evidence should be gathered and processed in the court of law. However, the preservation
of digital evidence must be fall under some categories, as it depends on the type and
place of crime. Like if crime happens in any business organization/firm then some other
steps have been followed by investigation team for preserving of digital evidence, while
if it happens in any other destination then different steps should be following. Else in
the process of preservation of digital evidences different types of risks may occur and
to combating them an investigation team should be prepared with mitigation practices.
Let us discuss the following categories with preservation steps:
1. Stand-alone home computer
Don’t try an attempt to use computer.
Photograph it from front and back side.
Unplug all power cords.
Seize additional storage media.
Collect instruction manuals, documents and notes.
Prepare the documentation of all steps involved in the seizure of a
computer.
2. Home Networked system
Unplug power to router or modem.
Rest of the procedure is same as above.
3. Business Network
A computer specialist should be consulted in case of preserving business
servers.
A team has to secure the scene and prevent handling of any networking devices
except professional.
Because in these matters in anyone pull out the plug then it may cause damage
to the system or loss of data.
4. Storage Media
Used to store data from electronic devices.
Keep away from magnets, radio transmitters and other potentially damaging
devices.
Self Learning Material 57
