Computer Science

Forensic Read/Write Blocker?

  

Scenario

Your new manager comes to you and asks you that he keeps hearing about read/write blockers for forensic imaging. He’s not sure what that is. He also is confused because he’s heard that there’s two different types (software and hardware). Also, there’s commercial and open source tools. He knows you just took a course in digital forensics, so he asks you to prepare a memo for him explaining all that.

Your assignment

1. Research on what is a forensic read/write blocker and what is the difference between a hardware and a software version?

2. Research on what tools are available e.g. commercial (you buy) or open-source (free) and what types are available.

3. Identify some situations where it makes sense to use the hardware versions or when it makes sense to use software versions?

4. Put it all together and summarize it for your manager! No more than 2 pages please.

What this teaches you

Being familiar with what tools the investigator used will help you. You gain credibility by asking what hardware or software tools they used, how they deployed it and why they went with a hardware or software version.