Free Forensics Investigation Essay Sample
A forensic investigation is the exercise of lawfully providing evidence and facts which are to be laid out in a court of law. Forensic is a word derived from the Latin word forensis which means 'of or before the forum.' This exercise found its application in the Roman Empire as those individuals charged of criminal offence were brought in front of a public group to argue their instance. Nowadays, the term forensic find its application in almost all investigations, varying from computer committed crimes to those crimes related to murders.
Core areas of concern
In a case like computer forensic investigation, there are five core areas of concern namely: integrity of evidence, extraction, interpretation of evidence, documentation, and rule of evidence. So that a given forensic investigation can give the most precise results, a variety of tools are necessary for the evaluation of the areas of concern that are mentioned above. Some of the tools used for evaluation are; Live View, StartupList, HijackThis, isof, OpenFilesView, Wireshark, and Helix 3.
It is a responsibility of a computer forensics investigator to inspect the system of a computer for uncovering the evidence that may get presented in a court of law. In real-world situation, it is important to maintain the integrity of crime sight so that to protect all evidence from damage and preventing fake evidence from being presented to the area in question. If the integrity of electronic evidence is considered, the evidence should be protected from varied outcomes, for instance, destruction or alteration of a computer hard disk by dropping it or exposing to inappropriate environmental conditions should be avoided.
The computer forensics specialist after inspecting and obtaining the evidence, uses the tool of investigation called Live View to extract the evidence. This means, the evidence is duplicated without being altered altogether.
After the evidence has been identified it can be interpreted statistically. By this, the doubtful facts that are confirmed true or bogus in an authorized setting, comes in varied ways. There exists many types of evidence, almost all of them bear variances during when they are being measured and comparisons made between the experimental value and the real value.
Documentation is done on a given evidence collected , the person concerned, and any step that took place starting from investigation until about to implement. This becomes very important since the challenging party may argue that the evidence is tampered with, and the investigator very easily disapproves them using the documentation made. Dates, events and times are some of important things that need to be documented. Another investigator can use what is documented to get at the same conclusion as the earlier investigator.
Rule of evidence is the last area in which the relevancy, dependability and admissibility of the expert are determined. From the perspective of forensic evidence, which is assembled, analyzed, and translated by experts who are always called to confirm as expert witnesses.