SANS Forensic Toolkit: Investigation for Local Enforcement Agency

Verified

Added on 2023/06/12

AI Summary

This report identifies the SANS forensic toolkit as a leading solution for computer forensics, particularly for local enforcement agencies. The suite, optimized for the Ubuntu operating system, offers enhanced security and confidentiality during investigations. Its tools, including md5deep for file integrity analysis and autopsy for image and location details, provide comprehensive support for cybercrime investigations. The digital forensic framework further aids in gathering crucial evidence, ensuring a thorough and effective investigative process. The report emphasizes the toolkit's affordability, continuous updates, and advanced technological capabilities, making it a valuable asset for combating cybercrime.

Running head: RESEARCH
The most prominent computer forensic suite
Student’s Name
Student’s Number

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

RESEARCH 2
Research on the most prominent computer forensic suite
After doing a thorough comprehensive research, the best computer forensic suite for the local
enforcement agency is the SANS forensic toolkit for investigation according to Padmanabhan et al (2016).
This particular forensic suite is composed of many tools that can help the agency to investigate any
cybercrime scene. On the other hand, the investigation toolkit mainly works with the Ubuntu operating
system thus meaning it is more secure than ever. The local agency would enjoy the confidentiality of the
information while they are investigating any incidence. Apart from that, the investigation tool is advanced
to the current technology; therefore, it may prove difficult for the hackers to get the investigation details in
the local agency. The continuously updated tools in the SANS is able to provide timeline information to
the local company of any incidence that is going on against the laws in the firm. Another important reason
why this toolkit is the best is that it is cheap and some tools here are provided free after purchasing the
suite.
As stated earlier in the assignment, this computer forensic tool is accompanied by several tools.
According to Jain & Kalbande (2015), these tools are the ones, which have, help the local agency to
investigate any cybercrime. For instance, the suite has md5deep tool. Md5deep is a command line tool,
which helps in analyzing the integrity of files in the company. The computer experts play with hashes in
the command line and do the necessary changes in the files to ensure integrity. The second tool is the
autopsy tool. This tool has helped the local agency to launch an investigation. It provides the details of
the image and the location. On the last bit on how SANS has helped in computer forensic is by the use of
the digital forensic framework. This tool helps in getting more information about the evidence collected
during the investigation. The details may include the images and the location of the files used during the
investigation.

RESEARCH 3
References
Padmanabhan, R., Lobo, K., Ghelani, M., Sujan, D., & Shirole, M. (2016, August). Comparative analysis
of commercial and open source mobile device forensic tools. In Contemporary Computing (IC3),
2016 Ninth International Conference on (pp. 1-6). IEEE.
Jain, N., & Kalbande, D. R. (2015, September). Computer forensic tool using history and feedback
approach. In Reliability, Infocom Technologies and Optimization (ICRITO)(Trends and Future
Directions), 2015 4th International Conference on (pp. 1-5). IEEE.