Response to discussion below kr
I would like to start by saying I have no experience with tools used in computer forensics. I learned about some in my previous digital forensics course. For this discussion I used opinions I found from others online and then did some research on those tools that I believe would be the top five. There are plenty of tools to choose from, but the ones I believe to be in the top five are EnCase, X-Ways Forensics, Volatility, Registry Recon, and Xplico.
EnCase is a great multi-purpose tool. This tool can rapidly gather data from various devices and unearth potential evidence [1]. EnCase is also great for producing easy-to-understand reports that can be used in court. This tool is widely used and accepted in courts. There is a bit of a learning curve, but once you understand the tool, it is great at helping examine evidence.
X-Ways Forensics is an advanced platform for digital forensics and runs on all versions of Windows. X-Ways Forensics is portable since it runs off of a USB stick. X-Ways Forensics is based on the WinHex hex and disk editor [2]. According to X-Ways, some of the features include disk cloning and imaging, reading partitioning and file system structures, data recovery techniques, a data interpreter, access to disks, RAIDs, and images over 2TB in size, and a ton of other features [2]. From what I found, X-Ways seems like a well-rounded product.
Volatility is a memory forensics tool. It may be used in incident response and malware analysis. With this tool, you can extract information from running processes, network sockets, network connections, DLLs, and registry hives. It also has support for extracting information from Windows crash dump files and hibernation files [1]. While this tool may not be an all-around digital forensics tool, it is still great for what it can do. It is able to work with Windows and Linux [3]. Volatility is also free to use.
Registry Recon's name speaks for itself. It is a digital forensics tool to analyze registries. This tool is not free; it costs $399. This tool is able to rebuild registries that have existed on the Windows system over time [4]. This is great because registry data can be deleted due to system activity, re-imaging, or a user trying to hide something. Like the others, this isn't an all-around tool, but it is great if current and past registries need to be investigated.
The final tool that I chose for my top five is Xplico. Xplico is open source and extracts data from applications that use the Internet [1]. Protocols supported are HTTP, SIP, IMAP, POP, SMTP, TCP, UDP, IPv6, etc. [5]. Output data and information are in the form of a SQLite database. While this is not an all-around tool, it is great for what it does. It is a great addition to any digital examiner's toolbox.
The five tools I chose were EnCase, X-Ways Forensics, Volatility, Registry Recon, and Xplico. Each tool is great in its own way, and it is good practice to not rely on just one tool when performing work. EnCase is a great all-around tool, and X-Ways Forensics is great in that it is portable, since it runs from a USB thumb drive. Volatility is great when working with memory. Registry Recon is used when investigating within the registries of a system. The last tool, Xplico, is a great tool when dealing with applications that connect to the Internet.