Ftk Imager the Digital Forensic Toolkit Analysis

Open, View, and/or
Download this Document

Total Length: 1212 words ( 4 double-spaced pages)

Total Sources: 1

Page 1 of 4

FTK Imager, the Digital Forensic Toolkit

FTK Imager is an imaging and data preview tool used for forensic analysis. Typically, the FTK imager can create disk images for USB and hard drives. The FTK can also create forensic images (perfect copies) of data without altering the original evidence. Moreover, the FTK imager can create MD5 or SHAI hashes of files and be able to recover deleted files from Recycle Bin.

Objective of this project is to investigate the strategy of using the FTK for forensic investigation.

Use of the FTK

The first step is to install the FTK Imager, which can be accessed from the following website: http://accessdata.com/product-download/?/support/adownloads

After opening the webpage, the current releases of the digital forensic tools appear ad being revealed below:

Then, click FTK Image and Click the FTK Imager, version 3.4.2, and Click download. After completing the installation, the next section discusses the method of adding a file folder or file as evidence.

1.Method of Adding a file folder or an individual file as Evidence

Method to add a file folder or an individual file as evidence is as follows:

Select file from the top left of the folder

Select Add Evidence Item

Select Source, and (Physical Drive, Image file, Logical Drive, and Contents of a file) appears

PHYSICALDRIVE appears under Evidence Tree as revealed below:

2.Differences between HEX view and TEXT view

Text view allows an individual to view a file content as Unicode or ASCII characters. The text view can assist in viewing binary and text data, which is not visible when the file is in its native form. On the other hand, Hex view refers to byte of data in a file, which is in hexadecimal code.

The following procedure is used for Text View .

Text View

Select View files in plain text

Select Add Evidence Item

Select Source (Physical Drive, Image file, Logical Drive, and Contents of a file) appear

Click Next

Click Finish

Double Click Physical Drive

Double Click Partition 1

Click System Reserved (NTFS)

Click Backup Boot Sector

The following procedure is used for the HEX View .

HEX view

Select View files in Hex format

Select Add Evidence Item

Select Source (Physical Drive, Image file, Logical Drive, and Contents of a file) appear

Click Next

Click Finish

Double Click Physical Drive

Double Click Partition 1

Click System Reserved (NTFS)

Click Backup Boot Sector

3.Discussion of the tool's Strengths and Weaknesses.

Stuck Writing Your "Ftk Imager the Digital Forensic Toolkit Analysis" ?

View All Our Example Ftk Imager the Digital Forensic Toolkit Analysis

Have A Custom Example Essay Written



The FTK imager is a forensic toolkit that can assist different organizations to secure the delete file and trace attacker attempting to steal sensitive data from organizational database. In the United States, over 130,000 companies use the FTK imager for different functions such as e-discovery and forensic functions.

FTK provides you with and entire quite of investigative tools necessary to conduct digital investigations smarter, faster and more effectively. It allows you to quickly establish case facts through innovative and market leading features such as distributed processing, collaborative case analysis, evidence visualization reports and more; all in one single comprehensive solution. FTK provides innovative and integrated features to support data processing integrity, speed and analysis depth. (Access Data, 2015 p 1).

One of the strengths of the FTK imager is that it can be used as an evidence preservation in case an attacker is caught and there is a need to present the evidence in the court of law. Using the FTK forensic tool, it will be easy to extract evidence, which can assist in convicting a hacker criminal. FTK also acquires, previews, and analyzes the peripheral device data, hard drive data, as well as accessing memory /….....

Show More ⇣

     Open the full completed essay and source list


OR

     Order a one-of-a-kind custom essay on this topic


sample essay writing service

Cite This Resource:

Latest APA Format (6th edition)

Copy Reference
"Ftk Imager The Digital Forensic Toolkit Analysis" (2015, November 07) Retrieved June 4, 2026, from
https://www.aceyourpaper.com/essays/ftk-imager-digital-forensic-toolkit-analysis-2156561

Latest MLA Format (8th edition)

Copy Reference
"Ftk Imager The Digital Forensic Toolkit Analysis" 07 November 2015. Web.4 June. 2026. <
https://www.aceyourpaper.com/essays/ftk-imager-digital-forensic-toolkit-analysis-2156561>

Latest Chicago Format (16th edition)

Copy Reference
"Ftk Imager The Digital Forensic Toolkit Analysis", 07 November 2015, Accessed.4 June. 2026,
https://www.aceyourpaper.com/essays/ftk-imager-digital-forensic-toolkit-analysis-2156561
   

Open, View, and/or
Download this Document
order custom essay example