Understanding Filesystems and Storage Media
It takes a lot more than just technical know-how to be a digital forensic investigator. There's a lot of research, processes, and analytics that also go into the case itself. Consider a scenario where you need to build a house. Sure, we need wood, nails, cement, metal, glass, and all other raw materials, and we also require the skilled laborers and contractors to construct the structure and piece it together. Apart from the materials, tools, and resources, we would have also done our research to ensure that we understood what is needed for this to be a successful project.
For instance, we would have had to obtain permits to build, perform soil analysis, consider the weather, and then choose to specify types of materials based on the weather, location, soil type, and so on. It goes without saying that there must be understanding of fundamental concepts in the field in order to efficiently carry out the task. In the same way, we need to have an understanding of the filesystems, operating systems, data types, and locations, as well as a thorough understanding of methods and procedures for preserving data, storage media, and general evidence.
In this chapter, we will learn about the following topics:
- The history of storage media
- Filesystems and operating systems
- What about the data?
- Data volatility
- The paging file and its importance in digital forensics