Chapter 12. Searching Memory in Real Time with Live System Forensics

Networks have become increasingly distributed yet remain interconnected. The number and types of threats to computer systems have grown. Meanwhile, the number of forensic tools to prevent unauthorized access and thwart illegal activity has also grown.

Computers store more information today than in the past. The price of storage media has decreased while the capacity has increased. Many people carry flash drives, smartphones, and iPods that contain gigabytes of information. Forensic specialists must sift through a wealth of devices and data as they search for evidence.

As threats have grown and changed, so have the tools for conducting forensic investigations. At one time, forensic ...
