Main Page Forum Ringtones SMS Messages Games Free Downloads Contact UsTelepk Map
Make This Page Your Home Page Make TelePK.Com Your Favorite Website Telepk Header
IP: 54.158.248.167 COUNTRY: Flag:
Mobile Zone
  1. PTCL TelePhone Directory
  2. SMS Messages
  3. SmS Jokes
  4. Sms Dictionary
  5. Memory Card Rates
  6. Mobile Phones
  7. Mobile Phone Articles
  8. Mobile Tutorials
  9. Mobile Games
  10. Mobile Wallpapers
  11. Secret Codes
  12. Ring Tones
  13. Web To SmS
  14. Telecom Reviews
  15. SMS Worldwide

Entertainment
  1. Islam
  2. Listen Radio Live
  3. Watch TV Channels
  4. Elections
  5. Home Decoration
  6. Beauty And Health
  7. Tech News
  8. Kitchen
  9. Greeting Cards
  10. Animation
  11. Messenger Zone
  12. Online Chat
  13. Articles
  14. Downloads
  15. City Codes
  16. Computer
  17. Know Your Heart
  18. Palmistry
  19. Myspace
  20. Make Money
  21. World News
  22. Map Guide
  23. Eid Day
  24. Pakistan
  25. Pakistani Singers
  26. Personalities
  27. Emergency No.s
  28. Funny Jokes
  29. Finance
  30. Flights
  31. Funny Pictures
  32. Kids
  33. Songs
  34. Sports Online
  35. Spotlight
  36. Student Visa
  37. Education
  38. Online Games
  39. Study Abroad
  40. Tutorials
  41. Immigration
  42. Internet
  43. Urdu
  44. Weather Status
  45. Webmaster Tools
  46. Valentine Day
  47. Video Clips
  48. Videos

Latest Updates!
Please fill out the form below to get notified whenever telepk.com will be update.
Enter your email address:



Active Visitors
  1. 180





Forensic Computer Analyst

Q. What are Computer Forensics and how does the process work work?

A. Computer Forensics is the analysis of information contained within and created with computer systems, typically in the interest of figuring out what happened, when it happened, how it happened, and who was involved. This being said, computer forensic techniques and methodologies are used for conducting investigations - again, in the interest of figuring out what happened, when it happened, how it happened, and who was involved.

The Certified Computer Forensics Investigators first step is to clearly determine the purpose and objective of this Investigation. Then they will take several careful steps to identify and extract all relevant data on a subject’s computer system. Forensic analysis will extract the data that can be viewed by the operating system, as well as data that is invisible to the operating system.

Image, protect and preserve the evidence during the forensic examination from any possible alteration, damage, data corruption, or virus introduction insuring evidence is not damaged, tainted or is in any other way rendered inadmissible in court.

Use Forensically Sound protocols at all times during the investigation to ensure that the information on the computer is admissible in court. Assume that every case/situation could end up in the legal system. If your Computer Forensics Examiner doesn’t make that assumption, find someone else

Address the legal issues at hand in dealing with Electronic Evidence, such as relevant case law, how to navigate the discovery process, protection of privilege, and in general, working/communication with attorneys and other professionals.

Discover all files on the subject's system. This includes existing active files, and invisible files; deleted yet remaining files, hidden files, password-protected files, and encrypted files. In many cases, information is gathered during a computer forensics investigation that is not typically available or viewable by the average computer user, such as deleted files and fragments of data that can be found in the space allocated for existing files - known by computer forensic practitioners as slack space. Special skills and tools are needed to obtain this type of information or evidence.

In computer forensics, there are three types of data that we are concerned with - active, archival, and latent.

Active data is the information that you and I can see. Data files, programs, and files used by the operating system. This is the easiest type of data to obtain.

Archival data is data that has been backed up and stored. This could consist of backup tapes, CD's, floppies, or entire hard drives to cite a few examples.

Latent (also called ambient) data is the information that one typically needs specialized tools to get at. An example would be information that has been deleted or partially overwritten.


Recover all deleted files and other data not yet overwritten. As a computer is used, the operating system is constantly writing data to the hard drive. From time to time, the operating system will save new data on a hard drive by overwriting data resident on the drive but no longer needed by the operating system. A deleted file, for example, will remain resident on a hard drive until the operating system overwrites all or some of the file. Thus, in order to preserve as much relevant data as possible on a computer system, you must acquire relevant computers as soon as possible. The on-going use of a computer system may destroy data that could have been extracted before being overwritten. Fortunately, the costs of acquisition are very reasonable, and the process is not disruptive.

Analyze all possibly relevant data found in special (and typically inaccessible) areas of a disk. This includes unallocated space on a disk (currently unused, but possibly the repository of previous data that is potentially relevant), as well as 'slack' space in a file (the unused space at the end of a file, in the last assigned disk cluster, that may be a possible site for previously created and relevant evidence).

Report Analysis of the computer system, as well as provide you a copy of all relevant data, parsed in a format and arranged to be integrated into your legal theories and strategies.

GDF’s analysis and investigation work is performed using the highest level of Forensic scrutiny. We follow known forensic procedures and use only open and Verifiable programming techniques. Our methodologies are transparent - we encourage the Court and opposing sides to dissect our work because we stand behind its admissibility 100%. We use NO PROPRIETARY or secret methods or programs when doing our analysis. Instead we use our programming skills to build tools and software specifically for the task at hand. And of course we always notate everything and open our work to scrutiny by all parties involved.

Provide Expert consultation and/or testimony, as necessary.

Q. When should I consider using Computer Forensics?

A. If your client/employee has a computer, they need computer forensics. The computer has invaded our very existence, become a part of our lives, and is an integral part of almost every case.

Computer Forensics differs from data recovery, which is, recovery of data after an event affecting the physical data, such as a hard drive crash. Computer forensics goes much further. Computer forensics is a complete computer examination with analysis as the ultimate goal.

In any case where a Computer or Information system is/was available use Computer Forensics as a tool to (1) determine the facts from your employee/ client, (2) discharge your duty to avoid spoliation, (3) obtain all relevant evidence from the opposing party in a manner similar to using a Request for Production of Documents, and (4) determine whether computers were used as the instrumentality of a tort or crime, or violation of Policy.

Determine Facts you must have all the information relevant to a matter, not only to construct effective legal strategies, but also to focus your expectations, and efficiently budget your services. There is nothing more difficult to address than a case that has become complicated by new facts, where you expected the matter to proceed smoothly and without significant cost. Knowing all the facts early in a matter, allows you to better prepare for those cases that will require significant legal expertise to manage.

In response to pending litigation, analyzing your relevant computers is an excellent way to discharge your duties to preserve evidence and avoid spoliation, while also acquiring all relevant information essential to your legal theories and strategies. Similarly, as part of critical business decisions, forensically analyzing relevant computers can provide essential information. For example, analyzing the computers of corporate officers or employees as part of the termination process can alert you to possible litigation issues such as violation of non-compete agreements, improper copying of intellectual property, etc.

In Lieu of Request for Production of Documents. In litigation, an attorney ought to determine whether a Request for Production of Documents will obtain all relevant evidence. You might simply ask yourself whether you want to discover part of the relevant information (i.e. that seen by your opponent’s operating system) or all of it (deleted, hidden, orphaned data, etc). It is not unrealistic to anticipate that information contained on a computer system that is helpful to a matter would be saved, while that which is harmful would be deleted, hidden, or rendered invisible. For example, in sexual harassment cases, it is not unusual to discover deleted emails and other data invisible to the operating system that significantly affects the case. Computer forensic analysis extracts all the emails, memos, and data that can be viewed with the operating system, as well as all invisible data. In many cases, the invisible data completely changes the nature of a claim or defense, leading to early settlement and avoidance of surprises during litigation.

In any situation in which one or more computers may have been used in an inappropriate manner, it is essential to call a forensic expert. Only a computer forensic analyst will be able to preserve, extract, and analyze the vital data that records the “tracks” left behind by inappropriate use. Taking the wrong steps in these circumstances can irretrievably destroy the vestiges of wrongful use that may result in litigation or criminal prosecution.



Q. If I think that evidence exists, is it ok if my technology expert takes a look for the information before I get in touch with a Computer Forensics Expert?

A. Companies that fall victim to computer crime may be inadvertently destroying evidence in their efforts to find the perpetrators. "You only have one opportunity to collect the evidence” you need to prove your case.

"Human resources send in well-meaning IT staff that doesn’t know what they are doing and ruin the evidence. Although the internal IT staff is often highly knowledgeable regarding their working environment and the technology employed within, computer forensic investigations are best performed by outside certified experts Specifically, the nature of the forensic analysis process coupled with the requirements in preserving evidence and Chain-of custody requirements the court system necessitates that computer forensic investigations are performed by external entities equipped with authorized forensic technology and trained to observe forensic protocols. "What we see is well-meaning IT professionals going in and doing what you see on every bad crime film: they muddy the waters. You need a professional certified computer forensic team in there as soon as possible."

Additionally, using in-house personnel can raise issues related to authentication that can increase the cost of admitting evidence. In-house personnel may be put through a challenge that could threaten the admissibility of critical evidence. If there is a remote chance that the matter could end up in court, best practices strongly suggests having the data analyzed by a computer forensic expert. The cost of expert analysis will almost always be far less than the cost of defeating a challenge to the admission of critical evidence.

Most in-house technology experts are concerned with mission critical data and recovery from catastrophic data loss. They are not expert in the acquisition and preservation of data rendered invisible to the operating system. Even the most well intentioned Technology expert can damage the fragile information that is stored on a computer, especially when the operating system does not recognize the data. The simple act of turning the computer on or looking through files can potentially damage the very data you’re looking for. Dates can be changed, files overwritten and evidence can be corrupted.

Accusations of evidence tainting are not rare in cases involving computer data when the party who owns or acquires the computer data also analyzes it. Issues such as accessibility to the data by other parties, experience and credentials of the person who acquired and reviewed the data, as well as other questions along these lines are typical.

For the above reasons it's not advisable for a employer, employee, friend, etc. to perform the function of acquiring and reporting evidence that has any chance of being litigated by any party.

Professional, third-party companies like GDF are experienced in this type of work and considered neutral and unbiased. Evidence obtained and submitted by certified professionals like GDF’s is likely to carry much more weight in front of opposing counsel, corporate management, a jury or any other party.

GDF certified investigators employ the proper hardware and software to identify, isolate, and preserve electronic information in a court admissible manner. They posses the expertise and experience vital to efficiently analyze electronic information and uncover electronic evidence while relying upon essential training and experience to ensure the court admissibility of electronic evidence.



Q. What risks are there if I don’t consult a Computer Forensics expert at the start of a problem?

A. The most frustrating aspect of forensic analysis is that the operating system randomly overwrites data on the hard drive. This means that the longer a computer is used, the more likely it is that evidence will be lost. Fortunately, the operating system frequently records evidence in several places simultaneously. So if the data is overwritten in one area, it may still reside in another. It is impossible to tell, however, whether the data that is most important to you will survive the constant use of the computer. Indeed, the simple act of turning the computer on or looking through files can potentially damage the very data you’re looking for. The dates that files were created can be changed, files can be overwritten and evidence can be corrupted. The safest practice is to acquire an image of the computer as soon as possible; however, it may be possible to find relevant data even after years of use.





Q. How do I figure out the ROI on contracting Computer Forensic Services?

A. If you are thinking about performing this type of work yourself or using your corporate IT department or local computer technician, consider the internal dollar cost and possibility of your evidence being tossed out because of the method in which it was acquired the qualifications of those who worked on it, or personal and business associations your staff might have with the subject.

The internal cost is not only the time you or other people spend performing this work but also taking them away from their assigned responsibilities and the time spent in writing reports, (a 40 GB hard drive can have over 9,101,420 pages of data) possible Interrogatories & depositions, other internal issues, gossip spreading and loss of work productivity. All these may occur and can affect you, your business and most importantly: the outcome of your case or situation.



Q. How can a Computer Forensic Company help us reduce loss and liability?

A. Consider the following: it is estimated that each year, billions $$$ are lost through employee theft, fraud and sabotage. This is the direct cost only. Add to it billions more in investigation and litigation costs, lost productivity, the future value of Intellectual Property lost…the list goes on as do the billions of dollars lost. Now, add the cost of the publicity surrounding employee malfeasance: Loss of reputation, employee morale, a depressed stock price.

Finally, the new regulatory and litigation environment we are now entering places a new, heightened level of personal responsibility and liability on the backs of corporate executives and directors for the activities of their employees and organizations. How many are willing to take that risk?

Often, the cost to use professional Computer Forensic Certified, third-party firms like GDF far outweigh the internal costs both in dollars and in winning your case. In addition our rates are competitively priced while delivering fast aggressive service anywhere, anytime in the “World”

It may be beneficial to you to review GDF’s “Quick Analysis” program.



Q. How much do Computer Forensic Investigations typically cost?

A. In the past, Computer Forensic Examinations could run tens of thousands of dollars because of the manpower necessary to thoroughly examine a hard-drive. With the advancement of technology in the Computer Forensics arena that is no longer the case. The software and hardware available now make the price of Computer Forensics affordable and well worth the investment. The prices can range from $250 and hour to $350 and hour and the process involves basically three steps: Acquisition, Investigation, and Reporting. Acquisitions usually cost less than $500.00. Investigation and Reporting, of course, depend on the nature of your case. In most instances, searching and reporting can be completed in less than 15 hours and the total analysis is usually less than $4500.00.

There is no reason that computer forensic analysis needs to disrupt any business. Making an “image” of a computer system (even if several computers are involved) can be done during non-business hours, at night, of over a weekend. In many cases, the image is acquired in less than 5 or 6 hours.

Global Digital Forensics is able to help you determine if you have a case or not. Our "Quick Analysis" service allows you to analyze your data for a “Flat fee” to see if incriminating evidence is readily found.

GDF will forensically examine a hard drive and search for up to Ten (10) keywords that you supply. We will then forward to you a report that includes every instance of the keywords, whether it is in a deleted file, e-mail message, viewed web page, Word document, or any other active or deleted file that resides on the hard drive. This initial step will help determine if you have a case and if further examination is warranted.

“Quick Analysis” – includes: Hard Drive, analysis, active files, deleted files, hidden files, e-mail, documents, etc

PROCESS:

The suspect hard drive is received, and logged.
A proper chain-of-custody log is created
The suspect drive is forensically duplicated (imaged) using court accepted procedures
The original evidence is properly stored in compliance with court approved procedures
GDF interviews principle to gather facts of the case and clear objectives and a case-specific plan for discovery that is quick and effective

GDF’s Certified Investigators searches the entire hard drive for up to Ten (10) keywords provided by the principle.
All keyword occurrences are documented in a written Report
GDF assigned lead investigator forwards the complete Report to the principle
GDF’s Investigator explains the findings with the principle and awaits further disposition
the written report will help in determining any evidence or indicators to determine further disposition

There is no reason that computer forensic analysis needs to disrupt any business. Obtaining an “Image” of a computer system (even if several computers are involved) can be done during non-business hours, at night, of over a weekend. In many cases, the image is acquired in less than 3-5 hours.



Q. I often hear that as an attorney I may be liable for malpractice if I don't consider Computer Evidence. how realistic is this?

A. It is well documented in the media that computer or digital evidence has been the "smoking gun" in many high profile cases. With the majority of new information in businesses of all sizes being created and stored on computer systems of all sizes it is undisputable that digital evidence, be it documents, databases or the omnipresent e-mail should be considered a primary source of evidence. While malpractice is a harsh word, it certainly is not in any clients best interest to ignore potentially relevant sources of evidence, including computer evidence.



Q. I think that a computer in my organization may contain important evidence, what do I do now?

A. STOP using the Computer, any use of this computer may DAMAGE, and Taint any evidence. If the suspected computer is turned off leave it off.

If the computer is on, DO NOT goes through a normal “Shut Down” process... Call GDF for Immediate Instructions.

Do not allow the internal IT staff to conduct a preliminary investigation

first, all you have is information and data, there is no evidence. Unless your IT staff is certified in Computer Forensics and trained (and very few are) on evidentiary procedures, they have not maintained chain of custody or followed other accepted evidence techniques. Second, even if proper evidence handling techniques have been used, the collection process itself has altered, and likely tainted, the data collected. By opening, printing, and saving files, the meta-data has been irrevocably changed. Third, turning on the computer changes caches, temporary files, and slack file space which, along with the alteration of the meta-data, may have seriously damaged or destroyed any evidence that was on the computer.

Depending on the damage done by the internal IT staff, a skilled computer forensics vendor may be able to salvage the damaged evidence. This, however, can be an arduous and time-consuming process which often costs several times more than the original analysis would have cost. Nevertheless, it is not always possible to restore evidence, especially meta-data timelines, from computers that have been mishandled. A good rule of thumb is to always use a certified external vendor for computer evidence collection.

Keep a Detailed Log of who had access, what was done and where the computer has been stored since the dates in question.

When the hard drive is removed and sent to GDF for a Forensic Examination make sure to document the date and time in the system and note whether it differs from the current time.

Secure the computer

Be prepared for litigation

Computer forensics may be an unknown and mysterious discipline to many but it is easy to avoid the most common procedural mistakes. Only use a certified computer forensics expert and do not rely on the internal IT staff for computer forensics investigations. If there is a 20% chance that evidence from a suspected computer system will be needed, have GDF do a* “Quick Analysis” and forensically collect the evidence and complete a report.


Q. How Can I ship my Computer/Hard Drive to GDF for a Computer Forensics Investigation?

A. Please, before you do anything call for complete instructions. GDF recommends that you have the disc drive(s) removed by an experienced computer technician and shipped to us. GDF will talk you through process. We can also provide on-site acquisition service at your locations for an additional cost.

Please do not ship anything to us without contacting us in advance and obtaining a Case Code. The Case Code must be written on the shipping label we will instruct you to the closest available and quickest lab for you.

Disc drives are static sensitive so we recommend that the drive(s) be placed in an antistatic bag and sealed. Wrap about 1/2-inch of solid foam or bubble wrap around the disc and tape so all sides are sealed. Make sure the contents will not bounce around in the box you use. DO NOT USE 'PEANUTS' OR ANY STYROFOAM PACKING MATERIAL - THIS MATERIAL CREATES STATIC ELECTRICITY !



<<< Back


Send this page to a friend

   
Most Viewed Services:
  1. New Year
  2. Free TV
  3. Watch GEO News
  4. Watch Disney TV USA
  5. AIM Away Messages
  6. AIM Buddy Icons
  7. BBQ Recipes
  8. Burger Recipes
  9. Fruit Salad Recipes
  10. Funny Pictures
  11. Spider-Man
  12. Spider-Man The Film
  13. Spider-Man Wallpapers
  14. Family
  15. Family Fun
  16. Windows Live Messenger
  17. Easter E-Cards
  18. 2008 Festivals
  19. Christian Festivals
  20. Msn Display Pictures
  21. Yahoo Avatars
  22. Myspace
  23. Nokia 5700
  24. Nokia 5070
  25. Bob Woolmer
  26. SMS Messages
  27. SMS Jokes
  28. Animals
  29. Apple
  30. Bikes
  31. Zong
  32. World
  33. Cars
  34. Celebrity
  35. Facebook
  36. Ali Lohan
  37. Computer
  38. Finance
  39. Fitness
  40. Shoes
  41. New Homes
  42. MSN Web Messenger
  43. Download MSN Messenger
  44. Download Latest Msn Messenger
  45. Multi MSN
  46. Download Multi MSN
  47. MSN Emoticon
  48. MSN Nick Name
  49. MSN Screen Names
  50. MSN Nick
  51. MSN Names
  52. Cool MSN Emoticon
  53. Urdu
  54. Urdu Jokes
  55. Urdu Dictionary
  56. Urdu Poetry
  57. Automobile
  58. Cars
  59. New Cars
  60. Food
  61. Kitchen
  62. Cell Phone
  63. Free Mobile Game
  64. Free Mobile Wallpapers
  65. Mobile Phone Secret Code
  66. Free Web SMS
  67. Free Worldwide Sms
  68. Islam Way
  69. Home Interior Decoration
  70. Health And Beauty Tip
  71. Latest Tech News
  72. Kitchen Remodeling
  73. Free E Greeting Card
  74. Know Heart
  75. Palmistry Line
  76. Make Money Online
  77. Myspace HTML Codes
  78. Myspace Toolbox
  79. Toyota RAV4
  80. Nokia Cell Phone
  81. Sony Ericsson Cell Phone
  1. Chinese New year Celebration
  2. Blackberry Phone
  3. Funny Joke
  4. MSN Avatars
  5. MSN Smileys
  6. MSN Display Pics
  7. MSN Display Pictures
  8. Pakistan Cricket Team
  9. Spicy Food
  10. Health Food
  11. Pakistan
  12. AOL Block Checker
  13. Urdu News
  14. Yahoo Web Messenger
  15. Download Yahoo Messenger
  16. Download Latest Messenger Version Yahoo
  17. Multi Yahoo Messenger
  18. Download Multi Yahoo Messenger
  19. Yahoo Emoticon
  20. Yahoo Hidden Emoticon
  21. Yahoo Avatars
  22. Yahoo Display Pictures
  23. Yahoo Animated Avatars
  24. Yahoo Smileys
  25. Free Cooking Recipe
  26. Hindu Festivals
  27. Sikh Festivals
  28. March Madness
  29. Tutorials
  30. Article of Mobile Phone
  31. Abrar Ul Haq
  32. Zong Sms
  33. Internet
  34. Better Homes
  35. Home
  36. Pets
  37. Forex
  38. Real Estate
  39. Science
  40. Stock Exchange
  41. WWE
  42. Information
  43. Football
  44. Flights
  45. Cricket News
  46. Latest World News
  47. Personality
  48. Emergency Phone Numbers
  49. Family Kid
  50. Online Spotlight
  51. Student Visa
  52. Download Online Game
  53. Study Abroad
  54. Immigration Law
  55. College University
  56. Web Master Tool
  57. Weather Report
  58. Funny Video Clips
  59. Funny SMS Joke
  60. Urdu SMS
  61. New Year SMS Joke
  62. Free SMS Joke
  63. AIM Block Checker
  64. City Code
  65. Find Article
  66. Dual Sim T500
  67. Asus P535
  68. Asus Cell Phone
  69. Sky Scrappers
  70. Funny Jokes
  71. History of Pakistan
  72. Government of Pakistan
  73. Lahore Resolution
  74. English Chat
  75. Online Chat Rooms
  76. Computer Wallpaper
  77. Software Downloads
  78. Samsung i710
  79. Ali Zafar
  80. Atif Aslam


More Resources...


© All Rights Reserved : Pakistan : Privacy Policy : Disclaimer : Advertise with us : Sitemaps : 1, 2, 3, 4, 5