Broadly speaking Cyber Forensics involves:
- Finding and decrypting protected information, encrypted information and steganographic content.
- Tracking software piracy.
- Recovering deleted data.
- Matching information to computers that created them.
- Remotely monitoring computers and
- Preserving digital evidence for presentation in court.
Digital evidence is the foundation of any case involving computers. Searching, examining, collecting and preserving digital evidence has to be done in such a manner that the court can rely upon the evidence to deliver its judgement. Any errors in gathering, developing, or presenting digital evidence can adversely affect the trial.