Computer Forensics Basics
Tutorial on the Field of Computer Forensics

Computer forensics basics are about data recovery basics. Read our field of computer forensics tutorial & learn what computer forensics tools detectives' use

When you get right down to it, computer forensics basics aren't very basic at all. In fact, the work of a computer forensics investigator is quite complex.

In today's world of high-speed communications and global digital access, the opportunity for computer-related crimes is always expanding.

In order to combat this evolution of crime, agencies and organizations--private and public, civilian and military--employ investigators to prevent or trace it.

These investigators make up the computer forensics team.

Computer Forensics Basics: Job Details

What are some of the various crimes or acts of misconduct that computer forensics investigators look into?

  • Internal or external industrial espionage
  • Abuse of internet privileges by employees
  • Assessing damage done after a crime or infraction has been committed
  • Financial, property, or other fraud crimes
  • Theft of money, information, or clients

It is the responsibility of the computer forensics investigator to identify, recover, and analyze data that pertains to any given case.

It is a sensitive job that requires complete concentration and an ever-expanding knowledge of the digital world.

An investigator must be trained and educated in computer science, CSI protocol, and the various forms of computer forensics information.

So, no, there's nothing basic about computer forensics investigation. It's an incredibly complex, though highly rewarding job.

Computer Forensics Tools

How does the computer forensics specialist work to prevent, stop, or identify digital crimes? What are the various tools he or she uses to get the job done?

For one thing, there are a variety of computer forensics software programs available for them to use.

Programs like EnCase and Vogon work to help the computer forensics investigator recreate a given computer or PDA's data, and then distill it into appropriate indexes.

Through the use of the processing and identifying tools these programs offer, the investigator can then determine whether or not any evidence is to be found on that particular piece of electronic equipment.

There are also free software tools available for direct download from the Internet. One of the more popular programs is called Data Dump, which allows the investigator to do the identifying, processing, and detecting, but with a much less user-friendly interface.

Only someone especially skilled in computer use will find these free programs helpful.

But the biggest tool of all, the one the computer forensics investigator will use most often, is the human brain.

As Internet and computer crime evolves, so must the investigator trying to stop it. This means always being ready to learn something new, expanding your knowledge of data recovery basics, and remaining on the cutting edge of the computer world.

Understanding Computer Forensics Basics

Training is key to the understanding of the field of computer forensics. To be hired in this position, you must acquire certification.

Find a School!

Think a career in criminology is for you?

Then start here & find a school for you!

But assuming your drive, perseverance, and focus has led you along the path of your education to the employment stage, let's take a look at what you may be required to do during a given investigation.

In essence, here is a basic computer forensics tutorial of your potential work:

  1. First, you'll want to isolate the problem. This means making a replication of the data you need to investigate. To do so, you'll use the various software programs mentioned above.

  2. Next, you'll investigate the data you've copied, looking for irregularities.

  3. While you are doing numbers one and two, you'll want to be monitoring the network for any strange or irregular behavior.

  4. You will also want to keep an eye open for any files that may be open or in use, or anything that has been used more often than others.

  5. Once you've investigated any irregularities and found your evidence, you'll analyze the data and present it to those in charge. With any luck, the work you've done may help to further the investigation towards a satisfying conclusion.

Return from Computer Forensics Basics to Computer Forensics Education

Return from Computer Forensics Degree to Careers in Criminal Justice