ABSTRACT

Criminals today are familiar with the techniques and methods that digital forensic practitioners use to gather digital evidence. As a result, intruders and attackers routinely try to evade detection by using countermeasures intended to impede the investigative process, often resulting in no evidence being identified. For the most part, enterprise environments have implemented multiple layers of administrative, physical, and technical security controls designed to protect the organization's assets (i.e., people, information) from intruders or attackers. Intended to deter, detect, deny, or delay malicious activity, these security controls also help mitigate the potential use of antiforensics and help enable digital forensic capabilities.