Digital forensics includes recovering and investigating material traced in digital and computer devices in respect to computer crimes with such forensic data commonly vital in refuting or supporting hypothesis in the incidence of a civil or criminal court presentation or in the private sector too during internal corporate investigations, for instance network intrusion investigation. The use of reports generated by forensic tools to create your final investigation report is advantageous in that you can easily trace back the originality of the data used to prepare the report and table it in confidence without fear since it offers surety of originality. Reports generated from forensic tools offer every detailed evidence with very little doubt if any hence they can be used in giving the real verdict leading to the investigation. Since the report is prepared and retrieved from static devices but not from ‘live’ systems, the reports give high accuracy and are hard to be compromised and tempered with (Nelson, Phillips, & Steuart, 2009).
However, reports from forensic investigation may too have disadvantages. Reports from forensic investigation can suffer some volatility. When conducting evidence, if the machine under investigation is alive, the data or information kept on the machines Read Only Memory and is yet to be recovered before switching off power is vulnerable to getting lost. Though some tools can be used to recover volatile data, there is considerably no surety that all the data can be recovered from the static devices. Also reports can be tempered prior to the investigation or the person handling the machine prior to the investigation might be under pressure from some malicious forces intending to convict them to be held accountable victim for the investigation (Nelson, Phillips, & Steuart, 2009).
Reference