From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Introduction to forensics

Introduction to forensics

From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response

Start my 1-month free trial

Introduction to forensics

- [Instructor] When asked to participate in the evaluation of electronic evidence as part of an investigation, security professionals engage in digital forensics. The goal of digital forensics is to collect, preserve, analyze, and interpret digital evidence artifacts in support of an investigation. This includes everything from pulling data from a smartphone or laptop, to analyzing network traffic logs. Digital forensic investigators have a wide variety of tools and techniques at their disposal, and they must follow some basic principles when they're working with evidence. One of the most important guiding principles of any forensic science is that investigators must never take any action that alters the evidence itself and may lead to future misinterpretation. This is easy to understand when applied to physical forensics. Investigators should wear gloves at a crime scene and avoid contaminating samples with their own…

Contents