O'Reilly logo

Computer Forensics JumpStart, Second Edition by Diane Barrett, Neil Broom, Ed Tittel, K Rudolph, Michael G. Solomon

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Handling Encrypted Data

At some point in the investigation, you’ll likely encounter encrypted data. The course of action depends on the particular type of encryption and the value of the expected evidence once the data is decrypted. If you suspect the encrypted data holds a high value for your case, it will warrant more time and effort to get at that data. Decrypting data can require a substantial effort. Only pursue that course of action when necessary.

Identifying Encrypted Files

Identifying encrypted files is easy. You try to access a file with the appropriate application and you end up getting garbage. The first step you should take in this instance is to find out the type of file you’re dealing with. Most operating systems make assumptions ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required