Evidence Acquisition and Analysis from Live Exchange

A great amount of legal and forensics discussion is involved when there is an investigation procedure that involves the seizing of crucial evidence from Live Exchange server. Whenever there is such an investigation, two things remain in focus

1. Identification of suspect evidence from the network
2. Collection approach that maintains exactitude of evidence

There has been an increasing effort in the theory of live imaging approaches because of the liabilities that come up when a server is taken down. In such a situation, the rules of law and evidence acquisition have caused new approaches and techniques of acquiring electronic evidence to be formed; many of these are specifically targeted at the large storage of data.

What are the data that are generally in question?

Get The Latest DFIR News!

Top DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Read More

Leave a Comment

Latest Videos

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...