3. Digital evidence acquisition procedures

3.4. Forensic Scope Distributions

When working with the techniques and procedures for acquiring and analysing data storage devices, it is useful to know the forensic Linux distributions. They bundle a set of tools for acquiring and analysing information in line with best practices. They are generally live distributions, which do not need to be installed on the computer, and they let you connect disks without worrying about write blocking, because they are configured by default not to mount disks automatically.
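The paragraph above relies on the live distribution not auto-mounting attached disks. This added example (not part of the original course material) is one way to verify that state before imaging, by reading `/proc/mounts` and the sysfs read-only flag. The function name, its parameters and the verdict labels are assumptions of this example.

```shell
#!/bin/sh
# Added example: confirm an attached evidence disk is not mounted read-write
# before acquisition.
#
# evidence_disk_state DEV [MOUNTS] [SYSBLOCK]
#   MOUNTS and SYSBLOCK default to the running kernel's views; they are
#   parameters (an assumption of this example) so saved copies can be checked.
#   Returns 0 unless DEV or one of its partitions is mounted read-write.
#   Matching is by device path only: LVM, dm-crypt or loop devices stacked
#   on top of the disk are not followed.
evidence_disk_state() {
    dev=$1
    mounts=${2:-/proc/mounts}
    sysblock=${3:-/sys/block}
    name=${dev##*/}
    verdict=SAFE

    # Linux inserts "p" before the partition number when the disk name ends
    # in a digit (nvme0n1p1, mmcblk0p1); otherwise it appends it (sdb1).
    case $name in
        *[0-9]) part=${dev}p ;;
        *)      part=$dev ;;
    esac

    # /proc/mounts fields: source mountpoint fstype options dump pass
    while read -r src mnt fstype opts _rest; do
        case $src in
            "$dev"|"$part"[0-9]*) ;;
            *) continue ;;
        esac
        case ",$opts," in
            *,rw,*)
                echo "RW-MOUNT $src on $mnt ($fstype)"
                verdict=UNSAFE ;;
            *)
                echo "RO-MOUNT $src on $mnt ($fstype)"
                if [ "$verdict" = SAFE ]; then verdict=REVIEW; fi ;;
        esac
    done < "$mounts"

    # Kernel read-only flag for the whole disk: 1 means writes are refused.
    if [ -r "$sysblock/$name/ro" ]; then
        echo "KERNEL-RO $(cat "$sysblock/$name/ro")"
    fi

    echo "VERDICT $verdict"
    [ "$verdict" != UNSAFE ]
}
```

A read-only mount is reported as REVIEW rather than SAFE because some journaled filesystems replay their journal even when mounted `ro`.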

The distributions we indicate are as follows:

• CAINE (Computer Aided INvestigative Environment Live CD/DVD)

• DFF (Digital Forensics Framework)

• SANS SIFT (SANS Investigative Forensics Toolkit)

• Paladin Edge (Sumuri)