Presentation is loading. Please wait.

Presentation is loading. Please wait.

RAID Acquisition Computer Forensics COEN 152/252.

Published bySherilyn Edwards Modified over 8 years ago

Similar presentations

Presentation on theme: "RAID Acquisition Computer Forensics COEN 152/252."— Presentation transcript:

1 RAID Acquisition Computer Forensics COEN 152/252

2 RAID Levels RAID 0:Just a Bunch Of Disks (JBOD) RAID 1: Mirrored RAID 5: Redundancy through parity  distributed parity

3 RAID Hardware RAID  Two types: Special controller that plugs into one of the buses Device that plugs into normal disk controller such as ATA, SCSI, Firewire, …  Computer sees a single volume

4 RAID Hardware RAID acquisition  Step 1: Acquire and investigate complete RAID volume as a single volume Needs big target device. Use device drivers such as those contained on Linux distributions  Step 2: Acquire individual disks and look for hidden data in possible areas that the RAID volume did not use. Keyword searches can also be performed on the individual disks.

5 RAID Software RAID  OS sees individual disks  But sees them together as a single volume.  CPU calculates parity info.

6 RAID Software RAID  Easiest: Acquire entire volume  Encase, ProDiscover can import disks from a Windows RAID volume and analyze them as a single volume. Allows access to data that is hidden on individual disks.

Download ppt "RAID Acquisition Computer Forensics COEN 152/252."

Similar presentations

Hardware Lesson 3 Inside your computer.

Hardware Lesson 3 Inside your computer.
RAID Redundant Array of Inexpensive Disks Presented by Greg Briggs.

RAID Redundant Array of Inexpensive Disks Presented by Greg Briggs.
1 Lecture 18: RAID n I/O bottleneck n JBOD and SLED n striping and mirroring n classic RAID levels: 1 – 5 n additional RAID levels: 6, 0+1, 10 n RAID usage.

1 Lecture 18: RAID n I/O bottleneck n JBOD and SLED n striping and mirroring n classic RAID levels: 1 – 5 n additional RAID levels: 6, 0+1, 10 n RAID usage.
RAID: Redundant Array of Inexpensive Disks Supplemental Material not in book.

RAID: Redundant Array of Inexpensive Disks Supplemental Material not in book.
BSD Partitions COEN 152/252 Computer Forensics. BSD Partitions Some BSD systems use IA32 hardware  Designed to co-exists with MS partitions.  Use DOS.

BSD Partitions COEN 152/252 Computer Forensics. BSD Partitions Some BSD systems use IA32 hardware  Designed to co-exists with MS partitions.  Use DOS.
RAID- Redundant Array of Inexpensive Drives. Purpose Provide faster data access and larger storage Provide data redundancy.

RAID- Redundant Array of Inexpensive Drives. Purpose Provide faster data access and larger storage Provide data redundancy.
1 CSC 486/586 Network Storage. 2 Objectives Familiarization with network data storage technologies Understanding of RAID concepts and RAID levels Discuss.

1 CSC 486/586 Network Storage. 2 Objectives Familiarization with network data storage technologies Understanding of RAID concepts and RAID levels Discuss.
Chapter 3 Presented by: Anupam Mittal.  Data protection: Concept of RAID and its Components Data Protection: RAID - 2.

Chapter 3 Presented by: Anupam Mittal.  Data protection: Concept of RAID and its Components Data Protection: RAID - 2.
This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.

An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.
COMPUTER SYSTEM CAN BE DIVIDED INTO : 1- General Computer 2- Special Computer.

COMPUTER SYSTEM CAN BE DIVIDED INTO : 1- General Computer 2- Special Computer.
Guide to Computer Forensics and Investigations Fourth Edition

Guide to Computer Forensics and Investigations Fourth Edition
Guide to Computer Forensics and Investigations Fourth Edition

Guide to Computer Forensics and Investigations Fourth Edition
COS/PSA 413 Day 3. Agenda Questions? Blackboard access? Assignment 1 due September 3:35PM –Hands-On Project 1-2 and 2-2 on page 26 of the text Finish.

COS/PSA 413 Day 3. Agenda Questions? Blackboard access? Assignment 1 due September 3:35PM –Hands-On Project 1-2 and 2-2 on page 26 of the text Finish.
CSE 451: Operating Systems Winter 2010 Module 13 Redundant Arrays of Inexpensive Disks (RAID) and OS structure Mark Zbikowski Gary Kimura.

CSE 451: Operating Systems Winter 2010 Module 13 Redundant Arrays of Inexpensive Disks (RAID) and OS structure Mark Zbikowski Gary Kimura.
* SOFTWARE * Computer software, or just software, is a collection of computer programs and related data that provides the instructions. It can not be touched.

* SOFTWARE * Computer software, or just software, is a collection of computer programs and related data that provides the instructions. It can not be touched.
Storage Networking. Storage Trends Storage growth Need for storage flexibility Simplify and automate management Continuous availability is required.

Storage Networking. Storage Trends Storage growth Need for storage flexibility Simplify and automate management Continuous availability is required.
COEN 252 Computer Forensics Forensic Duplication of Hard Drives.

COEN 252 Computer Forensics Forensic Duplication of Hard Drives.
COEN 252 Computer Forensics

COEN 252 Computer Forensics
Storage System: RAID Questions answered in this lecture: What is RAID? How does one trade-off between: performance, capacity, and reliability? What is.

Storage System: RAID Questions answered in this lecture: What is RAID? How does one trade-off between: performance, capacity, and reliability? What is.

Similar presentations

Ads by Google