What is digital forensics?
Q: What is digital forensics?
A: Digital forensics is a forensic science where experts look at computer devices to help solve crime.
Q: Who are the experts who do digital forensics?
A: The experts who do digital forensics are often called "analysts" or "investigators".
Q: What is an investigation in digital forensics?
A: When an expert is asked to look at a computer it is called an "investigation". A digital forensics investigation happens when someone is blamed for a crime that includes using a computer.
Q: What do experts do in a digital forensics investigation?
A: The expert will look for evidence about the crime. They will try to prove whether the person is to blame or not.
Q: What is eDiscovery?
A: Sometimes investigations are used in disputes between companies and/or people (known as civil law). These may not involve a crime. Instead, the expert is asked to find out information about a person or company by looking at their computer. There is a specific word used to describe this type of investigation, it is "eDiscovery".
Q: What is intrusion detection in digital forensics?
A: Intrusion detection is another use of digital forensics. It happens after a hacker breaks into a computer network. After the break-in, an expert is often asked to look at the networked computers to try and find out how it happened.
Q: Can digital forensics investigations only involve computers?
A: No, digital forensics investigations can also include mobile phones.
