Appendix appA. Building a Forensic Analysis Environment
After the previous chapters, we should now have realized how important incident response is for digital forensics processes and how necessary it is to deal with both of them accurately. In this appendix of the book, we will discuss the creation of a convenient work environment to conduct the digital forensics analysis, the digital forensics lab, at enterprise scale.
Before we start building our lab, let's answer the following questions:
- What are the lab's purposes, and what kind of devices will we analyze (computers, mobiles, and so on)? This will help us determine the suitable tools for our lab.
- How many cases can we expect to receive, and what is the expected expansion in our scope and lab?
- Do we have trained individuals yet? If not, how will we select them, and what training will they need? What operating systems will they need to be familiar with, either to work with or to analyze?
Answering these questions will...
