Computer Forensics Service is a set of actions for examination of all kinds of data from sound, image, data, information or combination that are kept or transmitted in electromagnetic and electro-optical environments and providing answers to the requested questions with evidence, in line with the requests made by the institutions.
Computer Forensics is basically formed of 4 stages:
- First Response: It consists of determining the digital evidence that will illuminate the incident and ensuring the security of these systems.
- Obtaining Forensic Copies: It consists of taking images of systems accepted as digital evidence using write protection methods to use in examination.
- Examination: It consists of technical examinations carried out to search for answers to the questions asked using methods and software accepted in the literature on the Forensic Copies obtained.
- Reporting: It consists of reporting the findings and the details of the findings in an understandable manner. Additionally, the suggestions that include the measures to be taken to prevent the events that are requested to be investigated by the institutions and the like are added to the report created as a result of this process