Talk With an Expert

Computer Forensics Investigation - Analyze an Unknown Image

Computer Forensics Investigation - Analyze an Unknown Image (PDF, 4.40MB)Published: 28 Apr, 2005
Created by:
Raul Siles
Raul Siles

This paper is the practical assignment required to obtain the GIAC Certified Forensic Analyst (GCFA) security certification (version 2.0 - Option 1). It consists on the investigation and forensic analysis of a piece of evidence, an USB flashdrive, collected during the incident response phase of a case involving personal harassment in CC Terminals. The investigation focuses on obtaining a clear picture of the incident based on the analysis of the evidence gathered, establishing how it might have been used by the suspect. In order to ensure success of the forensic process, four basic principles were followed: attempt to minimize data loss, record everything, analyze all the data collected and report the findings effectively. The methodology followed, the tools and procedures used and the conclusions obtained have been included in this paper, being as much accurate as possible. The report also covers legal issues related to the laws in my home country, Spain. The forensic analysis has been mainly performed using open-source tools, because they are free and work well from a forensic perspective 1 .

Meet the expert

Raul Siles
Raul Siles

Raul Siles

Certified Instructor

Raul is founder of DinoSec, where he performs advanced cybersecurity analysis services, security research, and technical training. For 20+ years, he has applied his expertise, innovating offensive and defensive solutions for organisations worldwide.

Read more about Raul Siles