Computer Forensics BACS 371. Evidence Collection & Admissibility. Outline. Evidence overview Evidence admissibility Challenges to evidence Evidence acquisition Preserving evidence Evidence authenticity Forensic methodology Special considerations. 5 Rules of Evidence.
Evidence Collection & Admissibility
What makes evidence “admissible”?
There are a number of pertinent legal aspects to acquiring evidence. These include:
Computer Forensics is the discipline of acquiring, preserving, retrieving, and presenting electronic data.
Three C’s of evidence:
Forensic analyst tend to use authentication based upon hash values
Over the years, several evidence standards have been devised.
A forensic methodology is a well-defined, repeatable process used by forensic analysts to ensure that:
Successful forensic examinations generally follow the scientific method.