Financial discrepancies are part of the issues affecting companies today. It is worth noting that forensic investigation in a computerized work environment solves fraudulent activities. This process demands high-level expertise in forensic investigation. A forensic investigator uses various steps in investigating an employee computer. The forensic expert has to follow various steps during the investigation process. These include planning stage, gathering information stage, review process, and reporting. Investigation on employee computer is streamlined towards finding out the fraudulent activities, where and when it took place, identify those involved and quantify the monetary value of the fraud. Getting authorization to investigate on employee computer is essential. The forensic expert then accesses the employee computer using various techniques (Monckton, 2012). As a specialist, it is essential to recover detailed files, track networks and create a report on the activities that the employee has been engaging using the computer. The expert may ask an internal auditor various questions. The questions may include whether the internal audit has identified any problems? What services does the internal auditor provide in connection with frauds? How strong are the internal controls? What are some of the internal control system? Does internal auditor have sufficient resources? These questions assist in understanding the internal control system within the organization. Imaging the computer of the employee is also an important process. This entails bit-stream copy of the hard drive. The process enables the expert to look at the exact match of the employee computer without affecting the required evidence (EC-Council, 2010). Through imaging, it is possible to access and retrieve original information in the hard drive. The report should contain all transactions that took place on the employee computer, people contacted, and the communications that took place. Analytically, many organizations in the world incur losses through computerized crimes. Forensic experts assist the organization in establishing the loopholes in the control system and identifying fraudulent activities in the financial systems. Internal and external auditors are on the spot; hence, most of them undertake their roles with the professionalism it deserves.
Cyberstalking is a modern way of undertaking crime electronically. Cyberstalking include libel, defamation, false accusation and slander. Cyberstalking entails threatening behavior or harassment that a suspect engages to the victim repeatedly. These entails electronic messaging, posting personal information, spamming, hacking, posting offensive information, and setting up websites. These ways can lead to real-life stalking through threatening emails, property vandalism, physical attacks and threatening phone calls. As a forensic expert, there are ways of recovering data from the cellular phone of a suspect (EC-Council, 2010). Extraction and imaging are some of the ways of recovering data in a phone. The imaging copies the information in the cellular phone. This process assists in gathering information in the cell phone. Seizure of the cellular phone is also important to ensure that the evidence is preserved. As a forensic expert, it is essential to use Memory Toolkit to recover the data in the cellular phone of s suspect. Using hardware experts the memory chip is removed and data extracted. There is software that can be used to recover data in a cellular phone. The software’s could be automated and specialized. The information that is recovered in the cellular phone can be used as evidence. Some of the information recovered may include text messages, call times, phone logs, address book entries, graphics, videos and photos (Monckton, 2012). As a forensic investigator, it is essentials to comprehend the legal imperative and issues surrounding the data recovered in a suspect’s cellular phone. Studies show that more cases are won in court with the submittal of proper electronic evidence. In the general perspective, criminals in the world continue to use cellular phones in executing their crimes. Forensics experts are important in recovering the data in the suspect’s cellular phone and using it in a court as evidence.
The International Organization for Standardization (ISO) is one of the important body in the world. It is a standard-setting body that comprises many national standards. The model developed by ISO help in understanding and standardizing computer networks. The networks connect computers and ensure compatibility. Open System Interconnection (OSI) model help separate vendors design equipment that assist in proper communication. OSI model defines the hierarchical architecture that partitions in a logical manner the support-system communication. The OSI model focuses on providing the basic function of networks, which is to transfer message from one vendor to another. It is worth noting that the vendors can network using different software and hardware. The software and hardware work together in enhancing communication. OSI model has ensured that there are standardized technologies that provide communication framework from one computer to another.
Through the creation of layers the OSI model held separate vendors to communicate well. The layers include physical, data link, network, transport, session, presentation, and application. OSI layers are essential among separate vendors because it allows extensibility. Sending of email from one computer to another is an example of how OSI model is applied to enhance compatibility of network architecture. An email that is sent transverse through the seven layers of the OSI model. Each OSI layer talks to the corresponding layer in the destination mode. Each layer appends control information to data from the layer above. The main is send at the application layer using the SMTP commands. The presentation later converts the email text to ASCII format. The session layer ensures that the sessions have headers. The next layer is the transport layer, whereby the data is broken into the segment and each segment sent to the network layer. At this layer, the destination port and source of email are specified. The network layer uses the IP, and the segments become packets. The packets are then sent to the data link. At the data link layer, the packets become frames. The frames have the physical address of the two nodes. Finally, the physical layer put the bits on a physical medium.
EC-Council Press. (2010). Computer Forensics: Investigation Procedures and Response. Clifton Park, NY: Course Technology Cengage Learning.
Monckton, S. J. (2012). Introducing forensic and criminal investigation. New York: Sage.