An overview of computer forensics

The core goals of computer forensics are fairly straightforward: the preservation, identification, extraction, documentation, and interpretation of computer data. There are several policies and procedures that need to be out-lined and defined with regard to computer forensics are analyzed in this paper. Data must be able to be retrieved and analyzed without it is damaged. The authenticity of the data is also ensured. The widespread usage of computer forensics has resulted from the convergence of two factors: the increasing dependence of law enforcement on computing and the ubiquity of computers that followed from the microcomputer revolution. There is a plethora of hardware and software tools available to assist with the interpretation of forensic data. The AccessData Forensic Toolkit can be used by both law enforcement and the private sector to run complete forensic examinations of a computer.