Computer Forensic Tools:
The use of computers in homes, schools, offices, and other places has increased in the past few years due to technological developments. As computers have become important components of modern communication, their increased use has also led to the emergence of computer crimes. Computer crimes basically involve the use of a computer system to carry out an illegal activity. In attempts to lessen the frequency and impact of computer crimes, law enforcement agencies use computer forensic to investigate these offenses. Actually, computer crimes are governed by specific laws and dealt with through conducting a computer forensic investigation (Easttom & Taylor, 2011, p.337). Notably, a computer forensic investigation is usually carried out through the use of computer forensic tools, which help in collection of evidence based on the specific offense.
Programs for Recovering Deleted Files:
There are various programs that can be used for recovering deleted files such as UndeletePlus, Disk Digger, and EnCase Forensics, which are associated with different success rates and particular functions. UndeletePlus is a program that is available for $29.95 and is very easy to use since it involves selecting a drive and clicking the Scan button. The program will then list any or all deleted files it finds or discover in the recovery process (Easttom & Taylor, 2011, p.287). On the contrary, DiskDigger is a freeware, which has a wizard interface that takes the user through the process. This involves...
EnCase Forensics the leader in digital forensics and available for $2,995 since it incorporates various features such as searching across various machines at the same time, automatic tasks, processing huge files at faster speeds, developing templates based on care profiles, and conducting more powerful queries.
These programs not only differ in costs and specific features, they also vary in the type of file systems supported. Since it works under nearly all Windows operating systems, UndeletePlus supports all Windows file systems for hard disk and removable disk drives such as FAT12/16/32, NTFS and NTFS5. As a result, this program is a quick and effective tool for retrieving files that have been accidentally deleted. In contrast, EnCase Forensics support FAT 12/16/32, NTFS, CDFS (CD-ROM), HFS, EXT2 (Linux), UDFS, and UFS (Unix) file systems. DiskDigger has an in-built support for different file systems like FAT12/16/32, NTFS, and exFAT systems.
Costs of Tools for Gathering Evidence from a Cell Phone:
Similar to computers, there are various tools that can be used to collect evidence from a cell phone with varying hardware and extra device requirements. Some examples for these tools include Paraben Software Device Seizure and Cellebrite UFED Ultimate, which differ in costs, features, and hardware requirements. Paraben Software Device Seizure consists of various features like file system acquisitions,…
