Digital forensics is often summarized in four phases (e.g. collection, preservation, analysis and reporting). We have learned this already.
However, I think it’s important for you to be aware of how there are many different excellent models out there that seek to break down digital forensics in a series of flowcharts / phases / moving parts. Then Chapter 14 talks about the different trends and future directions.
So, I am attaching one research paper that does just that and it is a great read. Please check out the Forensic Models.pdf found in the Supplemental Materials folder.
Some of the models out there are very specific e.g. for network forensics, triage, or cybercrime. It’s all fascinating. Then the article proposes a new one Generic Computer Forensic Investigation Model (GCFIM).
I would like you to read this – who knows you may actually see a model that resonates well with you. This can be helpful if you are asked to consult on what is the right model that should be followed in a particular legal matter in today’s brave new world.
Now that you have reviewed the different models of digital forensics, what are your thoughts about the author’s proposed model? Do you agree or disagree? Do you prefer the other models and if so what is your preference and why? Note – there are NO right or wrong answers here. I value your insights. No more than 2 pages please.