ComputerScienceExpert
$18/per page/
It is very important to test and validate your digital forensic tools before use. This not only gives you the confidence in your tools but allows you to testify in court that your tools were working properly before exposing important digital evidence to them. Try your hand at developing a simple testing plan based on a specific software or hardware tool. For example, you may decide you want to test the forensic acquisition functionality of FTK Imager (which is available for free from http://www.accessdata.com/support/product-downloads); you may want to visit a site that provides free forensic software tools (like http://forensiccontrol.com/resources/free-software/) and test one you find there; or you could even choose something as simple as your own word processing software. Pick just ONE specific aspect of the tool you choose (such as the ability of FTK Imager to capture physical memory, or the ability of your word processor to view a document’s properties or metadata), and design a simple step-by-step method to test or validate that aspects of the tool’s process.
Drafting a testing and validation plan is not difficult; we do this type of thing in our daily lives all the time without knowing it. The basic question is: "How do I know that my ______ is working properly?" That's it... Bottom line. For example, consider something as simple as a pair of scissors. If you were going to test a pair of scissors, what types of question would you ask yourself?
1. What are scissors for? Cutting, of course.
2. What could I use them for? Of what are they capable? Cutting paper. Cutting fabric. Cutting meat. Opening beer.
3. Could I design a test to validate that these scissors can, in fact, cut paper? Yes.
4. What will I need for this test? Scissors. 5 pieces of paper. About 5 minutes.
5. What action will I take to test this function? 1) Pick up scissors. 2) Pick up paper. 3) Open scissors. 4) Insert paper between blades. 5) Close scissors.
6. What is my standard for a completed test? That the two blades of the scissors came together in a scissoring motion when I closed the scissors.
7. What result would validate that these scissors can successfully be used for cutting? The paper was cut into two separate pieces along the points where the blades of the scissors met.
8. How do I know this isn't a fluke or a coincidence? Repeat 4 more times. If same result, then the ability of the scissors to cut paper is confirmed. Meaning, I can say that I tested them, and I'd be confident using them in the future and reasonably sure I would get the same result.
It is that simple. Obviously, your testing of a forensic tool should be presented in a more "official" and formal way than just a serious of questions and short answers, but you get the idea... If you want to check out some testing anf validation reports created by professionals, check out the NIST Computer Forensic Tool Testing (CFTT) Project.
Â
It is very important to test and validate your digital forensic tools before use. This not onlygives you the conFdence in your tools but allows you to testify in court that your tools wereworking properly before exposing important digital evidence to them. Try your hand atdeveloping a simple testing plan based on a speciFc software or hardware tool. ±or example,you may decide you want to test the forensic acquisition functionality of ±TK Imager (whichis available for free from http://www.accessdata.com/support/product-downloads); you maywant to visit a site that provides free forensic software tools (likehttp://forensiccontrol.com/resources/free-software/) and test one you Fnd there; or you couldeven choose something as simple as your own word processing software. Pick just ONEspeciFc aspect of the tool you choose (such as the ability of ±TK Imager to capture physicalmemory, or the ability of your word processor to view a document’s properties or metadata),and design a simple step-by-step method to test or validate that aspects of the tool’sprocess.Drafting a testing and validation plan is not di²cult; we do this type of thing in our dailylives all the time without knowing it. The basic question is: "How do I know that my ______ isworking properly?" That's it... Bottom line. ±or example, consider something as simple as apair of scissors. If you were going to test a pair of scissors, what types of question would youask yourself?1. What are scissors for? Cutting, of course.2. What could I use them for? Of what are they capable? Cutting paper. Cutting fabric.Cutting meat. Opening beer.3. Could I design a test to validate that these scissors can, in fact, cut paper? Yes.4. What will I need for this test? Scissors. 5 pieces of paper. About 5 minutes.5. What action will I take to test this function? 1) Pick up scissors. 2) Pick up paper. 3) Openscissors. 4) Insert paper between blades. 5) Close scissors.6. What is my standard for a completed test? That the two blades of the scissors cametogether in a scissoring motion when I closed the scissors.7. What result would validate that these scissors can successfully be used for cutting? Thepaper was cut into two separate pieces along the points where the blades of the scissorsmet.8. How do I know this isn't a ³uke or a coincidence? Repeat 4 more times. If same result,then the ability of the scissors to cut paper is conFrmed. Meaning, I can say that I testedthem, and I'd be conFdent using them in the future and reasonably sure I would get thesame result.It is that simple. Obviously, your testing of a forensic tool should be presented in a more"o²cial" and formal way than just a serious of questions and short answers, but you get theidea... If you want to check out some testing anf validation reports created by professionals,check out theNIST Computer ±orensic Tool Testing (C±TT) Project.Submit your testing plan to your instructor via your Assignments ±older.
Attachments: