Direct Network Preview
Yüklə 21,67 Kb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- EnCase Forensic Imager
- Macintosh Operating System Enhancements
- Enhanced Windows Operating System Support
- What’s New in EnCase ® Forensic Version 7.06 The Standard in Digital Investigations
- Enhanced Tablet Support
- Android OS and Device Acquisition Support
- Encryption Support
| Direct Network Preview
EnCase Forensic ® Version 7.06 includes a utility that allows you to conduct live investigations and acquisition over an IP network without the need for a SAFE. You can also deploy a servlet to a single computer on the network in order to read, acquire, or monitor a computer or hard drive. Following an easy, 3 step process, you can see the remote hard drive or computer—including physical and process memory—appear in EnCase Forensic in the same way traditional acquired hard drives or evidence appears.
EnCase Forensic Imager is a new product that allows you to create EnCase evidence files or EnCase logical evidence files. It is similar to EnCase Forensic, but does not contain processing, review, or analysis functionality. The benefit of the Imager is that allow both EnCase and non-EnCase users to acquire evidence in a forensically sound manner. Further, for EnCase Forensic users, the evidence can be seamlessly added to EnCase Forensic for examination. EnCase Forensic Imager is available free, and does not require an EnCase license. Macintosh Operating System Enhancements
Macintosh Artifacts Version 7.06 includes support for the following Macintosh artifacts: • Displays all HFS+ file system compressed files as uncompressed • Supports Finder information and extended file attributes • Displays security Access Control Lists (ACLs) • Improved support for OS X Trash items Macintosh OS X and Installer EnCase Forensic now supports Mac OS X 10.8. This update includes an enhanced Mac installer that supports “launchd”, a unified, open-source service management framework for starting, stopping, and managing daemons, applications, processes, and scripts. Macintosh Logical Volumes EnCase Forensic now supports logical volumes for Macintosh systems. When connecting to systems via servlets, the servlet interacts with the operating system to address the volume. Macintosh logical volumes can include single disks, RAIDs, and encrypted volumes. Enhanced Windows Operating System Support
Version 7.06 supports Windows 8 and Server 2012 operating systems. This support allows you to perform dead-box investigations and aids in the deployment of servlets to live-boxes. EnCase Forensic also provides support for: • Servlet for Windows 8 and Windows Server 2012 • Windows 8 artifact support: • Registry parsing • System information parsing • Windows 8 BitLocker • Parsing Windows 7 Automatic Destinations (jump lists) and their link files • Windows 7 thumbs.db parsing What’s New in EnCase ® Forensic Version 7.06 The Standard in Digital Investigations www.encase.com GUIDANCE SOFTWARE | EnCase Forensic www.encase.com GUIDANCE SOFTWARE | EnCase Forensic
About Guidance Software (NASDAQ: GUID) Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase
® platform provides the foundation for government, corporate and law enforcement organizations to conduct thorough, network-enabled, and court-validated computer investigations of any kind, such as responding to e-discovery requests, conducting internal investigations, responding to regulatory inquiries or performing data and compliance auditing - all while maintaining the integrity of the data. There are more than 40,000 licensed users of the EnCase technology worldwide, the EnCase ® Enterprise platform is used by more than half of the Fortune 100, and thousands attend Guidance Software’s renowned training programs annually. Validated by numerous courts, corporate legal departments, government agencies and law enforcement organizations worldwide, EnCase has been honored with industry awards and recognition from Law Technology News, KMWorld, Government Security News, and Law Enforcement Technology. ©2013 Guidance Software, Inc. All Rights Reserved. EnCase and Guidance Software are registered trademarks or trademarks owned by Guidance Software in the United States and other jurisdictions and may not be used without prior written permission. All other marks and brands may be claimed as the property of their respective owners.
EnCase Forensic Version 7.06 adds support for the following tablets: • Google Nexus 7 • Acer Iconia Tab A500 • Samsung Galaxy Tab 2 • Kindle Fire HD (support for Lightspeed browser artifacts and social media) Android OS and Device Acquisition Support
EnCase Forensic supports logical and physical acquisition of devices, including phones and tablets, running Android OS Version 4, Ice Cream Sandwich, Version 4.1-2, and Jelly Bean. Artifact support has been expanded to include the ability to process Android physical evidence files (E01) and produce logical evidence files (L01) containing common smartphone categories: contacts, messages, call logs, and calendars. The result is a byte-for-byte copy of the device data partition and a navigable file/folder hierarchy.
EnCase Forensic now supports the following encryption products: Vendor Product
Supported Versions 64-bit Sup- port Check Point Check Point Full Disk Encryption (formerly Pointsec PC) 6.3.1 up to 7.4 Yes
Credant Mobile Guardian 5.2.1, 5.3, 5.4.1, 5.4.2, 6.1 through 6.8, 7.3 No GuardianEdge Encryption Plus/Anywhere 7 and 8 No GuardianEdge Hard Disk Encryption 9.1.5, 9.2.2 , 9.3.0, 9.4.0, 9.5.0, 9.5.1 Yes McAfee
EndPoint Encryption (formerly SafeBoot) 4, 5, 6 (for Windows and Macintosh computers) Yes (for Ver- sions 4 and 5) Microsoft BitLocker and BitLocker To Go Vista, 7, Server 2008 Yes
Sophos SafeGuard Easy and Enterprise (formerly Utimaco) 4.5, 5.5, 5.6 Yes (only for SafeGuard Easy, not for Enterprise) Symantec PGP Whole Disk Encryption 9.8, 9.9, 10, 10.1, 10.2 Yes
Symantec Endpoint Encryption 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 8.0, 8.2 Yes WinMagic
SecureDoc Full Disk Encryption 4.5, 4.6 No Yüklə 21,67 Kb. Dostları ilə paylaş:
|