Computer technique for the suitability of digital evidence in attacking an information system: Forensic analysis for the digital custody chain

This article presents results of a research project that attempted to create a model of forensics in an information system; since forensic analysis allows to establish the causes of security commitment information system. The aim of the study was to determine the software tools to be used in the management of security incidents in an information system; required for the design of computer art for extracting digital evidence to anchor the chain of custody items. The research methodology was descriptive and applied document type, by analyzing the different tools technique that allows maintenance of digital evidence was designed, preserving the integrity of this as a test mechanism in a judicial process. In this way, the procedures to be performed to store information were established without being altered chain of custody solving the above questions: What is the chronological order in which the events of alteration, transmission or access occurred? What evidence have to believe you are a victim?, what are the damages incurred?, who do responsible for the incident?, what people are suspicious of the event?, who has investigated the incident and which actions has taken to preserve, identify, collect and analyze the data involved?; ensuring this way through technical steps and tools to be used for the preservation of the chain of custody, as an evidence in a court case.