Done

Running Head: FTK IMAGER LITE TOOL 1

FTK IMAGER LITE TOOL 2

FTK Imager Lite

Student’s Name:

Professor’s Name:

Date:

FTK Imager Lite Tool

1. Type of device for Forensic Investigation

I used the FTK Imager Lite tool to conduct a forensic investigation. This tool is relevant for forensic investigation because it aids in quick access of the electronic evidence often to determine if further analysis ought to be conducted especially with a different forensic tool. This tool has a feature that allows it to encrypt files of a specific type according to the needs of the investigator (De Alwis, 2018). One clicks on the files that they want to add to the custom content image together with AD encryption. When done all these, all the files that are selected will display in a new window. One of the advantages of this tool that made me choose it is that it creates the perfect copies or forensic images of the data of the computer without making any alterations to the original evidence.

2. Tool for Data Capture

The tool that I used for the data capture is FTK Imager Lite Tool. It is an image viewing tool, and it allows one to browse the image contents. This made it possible for me when capturing data because it allowed me to review and track down the data myself instead of paying for the analysis, and this made me save money. FTK is an imaging tool and data preview that allows one to assess electronic evidence to determine if further analysis with other forensic tools is warranted (Chandel, 2020). The forensic image is the same in every way as the original one, including unallocated space and file slack. It is also a free tool that saves the image in one file or segments of a hard disk that may be later reconstructed. This tool can create a keyword index of the whole image at the beginning of the process, making searches easy in the future. It is hard that starts a case with all the keywords that are correct as a case to develop. Just like the Autopsy tool also, the FTK Imager is also cost-effective because it is also free. The FTK Imager tool helped me to collect the complete volatile memory of the community (Duc, 2017). The FTK Imager can also provide one with the inbuilt integrity checking function that generates a hash report, which assists in matching the hash evidence prior to and after developing the image of the original evidence. This tool helped me capture data in my investigation and made my work easier, and I acquired the data that I needed. It is an important tool as one of its advantages is that it is free and so it is cost-effective.

3. Experience Learnt

From the experience that I had from performing my investigation, I learned many things concerning the use FTK Imager Lite tool for conducting investigations. One of the things that I have is that it is easy to use the tool, which often makes work easier. Another thing is that I came to know that this tool is that it is free, and for that reason, thus cost-effective when conducting an investigation.

References

Chandel, R. (2020, November 24). Comprehensive guide on FTK Imager. Retrieved from https://www.hackingarticles.in/comprehensive-guide-on-ftk-imager/

De Alwis, C. (2018). Evidence Acquisition Using AccessData FTK Imager. Retrieved from : https://articles.forensicfocus.com/2018/03/02/evidence-acquisition-using-accessdata-ftk-imager/

Duc, H. N. (2017, May 9). Ftk imager step by step. Retrieved from https://eforensicsmag.com/download/ftk-imager-step-by-step/