How RAM analysis will be integral in investigations.
The digital device is not the only place digital data can be stored and as cloud-based solutions are taking over traditional data storage devices. Discuss how you believe that RAM analysis will be integral in investigations and why.
How RAM analysis will be integral in investigations
The digital device is not the only place digital data can be stored and as cloud-based solutions are taking over traditional data storage devices. Discuss how you believe that RAM analysis will be integral in investigations and why. Also discuss two things that you believe will be important for the investigator to consider and why and two things that you believe that they will not need to consider and why.
please provide 3 sources
more information:
The official ACPO Guidelines recommend the following standard procedure for capturing a memory dump during RAM Analysis [14]: Perform a risk assessment of the situation so as find out whether it evidentially required and safe to perform volatile data collection. If so, install volatile data capture device e.g. USB Flash Drive, USB hard drive etc. Also Run the volatile data collection script. Once complete, stop the device particularly important for USB devices which if removed before proper shutdown can lose information. Remove the device. Verify the data output on a separate forensic investigation machine other than the suspect system. Immediately follow with standard power- off procedure
RAM analysis, is an important part of computer forensics. As it helps the investigators in finding out what all happening on the machine right before the crime is done. As all the running processes in the system pass through the RAM, it is important to retrieve it before the computer is off. Any discrepancy in the processes present in the RAM or any kind of wrong external communication.
Attachments
Click Here To Download
The post How RAM analysis will be integral in investigations appeared first on AssignmentHub.