Explain several major functions performed by computer forensics software such as FTK and Prodiscover. Please identify and explain at least 3 important differences.© BrainMass Inc. brainmass.com October 10, 2019, 8:16 am ad1c9bdddf
The response addressed the query is posted in 744 words with APA References.
// Computer forensics involves the acquisition, preservation, analysis and presentation of computer evidence. This type of evidence is fragile and can be easily destroyed, altered or accessed without authority. Computer evidence must be properly obtained, preserved and analyzed so as to count it as reliable and valid. In the following section, FDK and ProDiscover's functions are explained.//
FTK (Forensic Tool Kit) is a digital investigation tool built for speed, stability, and ease of use. It provides comprehensive processing and indexing to make filtering and searching process quick. FTK can be set up for distributed processing, which can be utilized for web-based case management and collaborative analysis (Bem & Huebner, 2006). FTK Imager is a software acquisition tool that helps in previewing the evidence, and if the evidence demands further investigation, it creates a forensically sound image of the disk. In order to prevent data from any accidental damage or intentional manipulation of data, it creates a bit by bit duplicate image of the media. The forensic image created is such that it is identical in every way to the original one, consisting of file slack and unallocated space or free space (Bem & Huebner, 2006).
FTK's database driven enterprise-class architecture allows handling a large ...
The expert explains several major functions performed by computer forensics software such as FTK and prodiscover. Three important differences are explained.The response addressed the query is posted in 744 words with APA References.