Respond

In your opinion, what are the top five tools in the forensic analysis field? A minimum of 200 words each is required, and they must be your own words. Including figures and quotes is value-added, but they will not count against your 200 word requirement.

Reply to

The first two tools that immediately come to mind are EnCase and Forensic Toolkit (FTK). Both were the most reviewed by my peers in the Week 1 discussion question, and both are being used for training purposes in this class. They are also recommended by CyberSecurity Magazine as number one and two of the top ten best tools for digital forensics (CyberSecurityMag, 2019). So far, after using EnCase in the labs, I found that it was easy and intuitive once I got used to the available options. I especially find the ability to sort the artifacts in the Entries viewer useful when cataloguing items of interest.

Some other tools that are useful but have not come up yet are write-blockers and imagers, Faraday and other shielding devices, and mobile forensics software like Cellebrite. It is incredibly important to use a write-blocker so the analyst does not change the device they are imaging. Some of the more popular write-blockers include the UltraBlock from Digital Intelligence and WiebeTech blockers (CRU, n.d.). Paraben creates Faraday boxes that can be used for network-connected devices like mobile phones that may need to be kept powered on but disconnected from outside influence. Cellebrite is a forensic tool manufacturer that creates products used to extract data from mobile phones and the cloud (Cellebrite, n.d.). Due to the ever-increasing popularity of mobile devices, it is important to have a forensic tool that is specifically built to handle the various challenges inherent with mobile devices such as passcodes, applications, SIM cards, etc.

Cellebrite. (n.d.). Products. https://www.cellebrite.com/en/product/
CRU. (n.d.). WiebeTech. https://www.cru-inc.com/products/wiebetech/
CyberSecurityMag. (2019, March 2). 10 best tools for computer forensics. Cyber Security Magazine. https://cybersecuritymag.com/computer-forensics-tools/

Reply to

There are many digital forensic tools available currently and trying to decide the top five between them is no easy feat. Most digital forensic tools contain very similar capabilities, therefore investigator’s preference and needs. The four main contenders mentioned by many are: EnCase, Autopsy, Forensic Toolkit (FTK), and X-Ways Forensics. Out of these four, Autopsy is the only free solution available. ProDiscover Forensic is another highly popular digital forensic tool. All five of these tools offer a similar graphical user interface with 3 main areas: tree view, table view, and details. Timeline view is also available in any of these solutions.

EnCase is one of the most popular tools and allows examination of different devices to include computers, tablets, smartphones, and GPS devices (OpenText, 2020). EnCase is capable of producing full reports and has been used throughout many years to present evidence in court cases.

FTK is another great option with very similar functionality. FTK also allows for many different devices to be examined. One of the biggest features in FTK is its capability of seamlessly integrating with other software from AccessData like Password Recovery Toolkit (PRTK) and Distributed Network Attack (DNA) (AccessData, 2019).

X-Ways Forensics is the third big tool, and like the previous tools allows for full disk cloning and imaging. X-Ways has been tested under many different scenarios and seems to be the fastest when it comes to processing and consumes the lowest amount of resources (Forensic Labs, n.d.). This is a big thing for many examiners since it allows for the fastest processing of large data sets. X-Ways also allows for the whole toolset to be run from a USB stick on any Windows environment (X-Ways Software Technology AG, n.d.).

Autopsy is a free tool that runs on Windows, Linux, and OS X. Like many other open source projects, Autopsy is backed by a whole community that maintains the tool and develops different ingest modules that add more functionality to the toolset, like checking files against the VirusTotal database (SleuthKitWiki, n.d.).

ProDiscover Forensic is a solution that offers a similar to the tools mentioned above while also ensuring the integrity of the data collected. ProDiscover even allows images to be run using VMware. A step-up is also available for more robust solutions: ProDiscover Incident Response (IR). IR allows for some extra functionality in networks like: shadow copying and transferring data in an encrypted manner (ProDiscover, n.d.).

References

AccessData. (2019, February 25). Forensic toolkit (FTK)®. https://accessdata.com/products-services/forensic-toolkit-ftk
Basis Technology. (2020, May 29). Autopsy. Autopsy. https://www.autopsy.com/
Forensic Labs. (n.d.). Let the benchmarks hit the floor: Autopsy vs encase vs FTK vs X-ways (in depth testing). binary foray. https://binaryforay.blogspot.com/2016/09/let-benchmarks-hit-floor-autopsy-vs.html
OpenText Corp. (n.d.). EnCase forensic software – Top digital forensics & investigations solution. Endpoint Security, Incident Response & Digital Forensics | Guidance Software. https://www.guidancesoftware.com/encase-forensic
OpenText. (2020). OpenText EnCase Forensic. Endpoint Security, Incident Response & Digital Forensics | Guidance Software. https://www.guidancesoftware.com/docs/default-source/document-library/product-brief/encase-forensic-product-overview.pdf
ProDiscover. (n.d.). Products. https://www.prodiscover.com/products-services
SleuthKitWiki. (n.d.). Autopsy 3rd party modules. Retrieved October 31, 2020, from https://wiki.sleuthkit.org/index.php?title=Autopsy_3rd_Party_Modules
X-Ways Software Technology AG. (n.d.). X-ways forensics: Integrated computer forensics software. Software for Computer Forensics, Data Recovery, and IT Security. https://www.x-ways.net/forensics/

4 sources required
Style:
APA 7th edition
