skip navigation

CrimeSolutions.gov

Add your conference to our Justice Events calendar

PUBLICATIONS

NCJRS Abstract

The document referenced below is part of the NCJRS Library collection.
To conduct further searches of the collection, visit the NCJRS Abstracts Database.

How to Obtain Documents
 
NCJ Number: NCJ 222982   Add to Shopping cart   Find in a Library
Title: Test Results for Digital Data Acquisition Tool: FTK Imager 2.5.3.14
Corporate Author: Office of Law Enforcement Standards (OLES)
United States of America
Date Published: 06/2008
Page Count: 60
Sponsoring Agency: National Institute of Justice
US Department of Justice
Office of Justice Programs
United States of America
Grant Number: 2003–IJ–R–029
Sale Source: National Institute of Justice/NCJRS
Box 6000
Rockville, MD 20849
United States of America

NCJRS Photocopy Services
Box 6000
Rockville, MD 20849-6000
United States of America
Document: PDF 
Type: Test/Measurement
Language: English
Country: United States of America
Annotation: This report presents the results from testing the Digital Data Acquisition Tool: FTK Imager 2.5.3.14.
Abstract: These results, documented against four top-level tool requirements identified by the specification and several test assertions related to those requirements, describe the testing environment, provide an interpretation of the test results, and include test results summary log files for numerous test cases. Results show that except for two test cases (DA–07 and DA–08), the tested tool acquired all visible and hidden sectors completely and accurately from the test media without any anomalies. In one test case (DA-25) image file corruption was detected, but the location of the corrupt data was not reported. The following four anomalies were observed in test cases DA–07, DA–08, and DA–25: if a logical acquisition is made of an NTFS partition, the last eight sectors of the physical partition are not acquired (DA–07–NTFS); the sectors hidden by a host protected area (HPA) are not acquired (DA–08– ATA28 and DA–08–ATA48); the sectors hidden by a device configuration overlay (DCO) are not acquired (DA–08–DCO); and the location of corrupted data in an image file is not reported (DA–25). Results provide the information necessary for developers to improve tools, users to make informed choices, and the legal community and others to understand the tools' capabilities. Tables
Main Term(s): Testing and measurement
Index Term(s): Data collection devices ; Computer software ; Computers ; Data collection ; Forensics/Forensic Sciences ; Forensic engineering
Note: NIJ Special Report
   
  To cite this abstract, use the following link:
https://www.ncjrs.gov/App/Publications/abstract.aspx?ID=244891

* A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's web site is provided.