Computer Forensics and Investigations
Introduction
Computer technology plays an important part in everyday human life and it is growing at a very high rate and this result in the increase of computer crimes such as identity theft, intellectual theft, unauthorized intrusion and financial fraud. One way of counteracting such types of crimes is by the use of Computer forensic investigations which deals with obtaining as well as analyzing digital information in order to provide evidence that will be used in criminal, civil and administrative cases (Shinder,2002). Computer forensic investigation entails investigating the data that is taken from computer hard discs as well as any other storage devices by following standard policies and procedures in order to determine if those devices have been compromised or not. Computer forensic investigators normally work as a team and they use different methodologies such as static and dynamic as well as tools like Encase or ProDiscover. In order to be able to accomplish their tasks effectively, computer forensic investigators are supposed to be conversant with certain laws and regulations as well as have knowledge of different computer operating systems such as Windows and Linux (Shinder,2002). In addition, they are also supposed to know how to use network operating systems such as Win NT. Cyber-terrorism is a deliberate act of disrupting computer networks especially personal ones that are attached to the internet by use of tools such as viruses. The theme of this essay is to discuss computer forensic investigation of cyber terrorism in terms of how to approach incident review, legal restrictions characterized by it as well as determining the scope and intents of investigation for a company that has fallen a victim of cyber-terrorism.
Approach to Incident Review of Cyber-Terrorism
The first step investigation team will be to establish how cyber terrorism occurred. The forensic investigation team was asked to conduct...