Chat with us, powered by LiveChat Computer forensics |

Question 2: Which tools are better?

There are a number of digital forensic analysis tools that are available examine forensic images. (For this discussion, we are not talking about the acquisition tools, e.g., FTK Imager. We are talking about the tools used to do analysis.) Some are very expensive and some are free.
What makes one analysis tool better than another? Are there certain criteria to consider?
Is it true that you should always use the “better” tool?
In what situations do you use a tool that may not be the best tool?
Find at least two tools and evaluate them using the criteria you devise. Make sure to include URLs to the actual tool websites.

Question 2: Linux and Mac Tools

Linux and macOS File Systems (ext4, ext3, ext2, HFS+, HFS, AFS, etc.) differ a lot from FAT32, NTFS, and from each other and, therefore, need different tools to adequately analyze them.
What analysis tools are available–either proprietary or open source–to analyze Linux’s and macOS’ file systems?
Find at least one for each operating system/file system and discuss its merits with the class.
Make sure to provide URLs to the software sites and/or reviews.

error: Content is protected !!