We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Education

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What is Forensic Computing?

Karyn Maier
By
Updated: May 17, 2024
Views: 2,841
Share

Forensic computing refers to the use of technology as an investigative method with which to retrieve and substantiate digital data and media. Just as a medical examiner might determine time of death or how the deceased came in contact with poison, computer forensics relates to an examination of stored electronic data and how and when it got there. In fact, the only difference is that the forensic computing investigator is more likely to draw conclusions from dissecting a hard drive rather than a cadaver. In addition, careful handling and preservation of a potential “crime scene,” and the evidence collected from it, is at the core of every investigation.

It might be tempting to think it’s easy to gather information from a computer’s hard drive simply by viewing its contents onscreen, but this is far from the case. It’s might be even more tempting to believe that deleting a file or an email erases all traces of it, yet another incorrect assumption. In fact, forensic computing technicians are trained to locate hidden files where “breadcrumbs” of such files remain indefinitely. For that matter, some types of computer files leave traces behind known as “ghost files” long after they’ve been deleted. Basically, any time electronic data is created, archived, or disseminated, it can usually be traced and recovered.

The obvious roadblock to a computer forensics investigator is getting around use- created passwords that protect files and related information from being accessed. This is usually only a temporary situation, however. Not only does computer forensics training provide insight into cracking usernames and passwords, but also teaches the investigator how to get clues from encryption keys, random memory, and even from the person who created them.

There are many circumstances in which computer forensic services may be needed, with a great number being related to criminal or civil cases. For example, individuals suspected of possessing or distributing child pornography are often discovered through forensic computing techniques, many times after using online peer-to-peer networking services. In another scenario, an employer may wish to collect evidence from an employee’s computer in preparation for terminating and prosecuting the individual for embezzlement or breach of confidentiality.

Forensic computing often involves the protection and prevention of digital data corruption too. In fact, some technicians train to work in a specialized field of computer forensics to debug applications or detect unauthorized intrusions, such as database forensics and firewall forensics. In recent years, forensic computing has become particularly important in matters of international security. In fact, highly trained agents routinely observe and track Internet usage and communications that may be related to terrorist traffic.

Share
WiseGeek is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Karyn Maier
By Karyn Maier
Contributing articles to WiseGeek is just one of Karyn Maier's many professional pursuits. Based in New York's Catskill Mountain region, Karyn is also a magazine writer, columnist, and author of four books. She specializes in topics related to green living and botanical medicine, drawing from her extensive knowledge to create informative and engaging content for readers.

Editors' Picks

Discussion Comments
Karyn Maier
Karyn Maier
Contributing articles to WiseGeek is just one of Karyn Maier's many professional pursuits. Based in New York's Catskill...
Learn more
Share
https://www.wisegeek.net/what-is-forensic-computing.htm
Copy this link
WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.

WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.