Database forensics: Difference between revisions

No edit summary
rm promotional links; this is not a web directory; formatting: whitespace (using Advisor.js)
Line 5:
The discipline is similar to [[computer forensics]], following the normal forensic process and applying investigative techniques to database contents and metadata. Cached information may also exist in a servers [[RAM]] requiring [[Digital forensics#live analysis|live analysis]] techniques.
 
A forensic examination of a database may relate to the timestamps that apply to the update time of a row in a relational table being inspected and tested for validity in order to verify the actions of a database user. Alternatively, a forensic examination may focus on identifying transactions within a database system or application that indicate evidence of wrongdoing, such as fraud.
 
Software tools such as ACL, [http://www.arbutussoftware.com Arbutus Analyzer] and Idea (which provide a read-only environment) can be used to manipulate and analyse data. These tools also provide audit logging capabilities which provide documented proof of what tasks or analysis a forensic examiner performed on the database.
 
Currently many database software tools are in general not reliable and precise enough to be used for forensic work as demonstrated in the first paper published on database forensics.<ref>[http://www.giac.org/certified_professionals/practicals/gcfa/0159.php Oracle Database Forensics using LogMiner - GIAC Certified Student Practical<!-- Bot generated title -->]</ref>
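Review bot: the tools sentence ("Software tools such as ACL, ... Arbutus Analyzer and Idea") still carries an inline external link to arbutussoftware.com. That is the kind of link the summary "rm promotional links" targets. If this line is kept, name the product in plain text, or wikilink it if an article exists, so that all three tools are treated alike. Two smaller points in the same hunk: "a servers [[RAM]]" needs the possessive ("a server's"), and the sentence opening "Currently many database software tools are ... not reliable" is time-relative and rests on a single student practical, so it should be dated and attributed to that paper rather than stated in the article's own voice.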
Line 25:
* Oracle Forensics, Paul Wright, Rampant Techpress, ISBN 0-9776715-2-6, May 2008. http://www.rampant-books.com/book_2007_1_oracle_forensics.htm
 
== References ==
{{Reflist}}
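Review bot: the "Oracle Forensics" book entry still ends with a bare URL to the publisher's page at rampant-books.com. The ISBN already identifies the book, so the URL can be dropped in line with the summary's "this is not a web directory". The visible lines also give two dates for the book: "May 2008" in the entry text and "book_2007_1" in the URL path. The publication date is worth checking against the ISBN record while this line is being edited.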