Reply To: OCU C)DFE D Week 03 Discussion

Kevin Mehok

IST2901 Digital Forensic Examiner
Week Three
Assignment #2
WK3 Three Categories of Evidence Discussion

Hey Class,

To add to this week’s discussion, I have opted to break down my three types as followed:
Archival Data-Archival data is information that is not immediately accessible to a user of a computer system, but that is maintained for long-term storage, recordkeeping, or research purposes.

Back Up Data-When going over your backup and recovery audit checklist, err on the side of more evidence, rather than less. More audit findings mean more remediation work once the audit report has been approved and published. Many organizations will likely circulate the audit report to senior IT and corporate management, so plenty of relevant evidence goes a long way.

Residual Data-Residual data is deleted or overwritten data that may contain digital evidence if successfully recovered. Since it’s not typically visible through a file browser, it’s classified as an invisible data type. To understand the concept, you have to keep in mind that when someone deletes a file from a device, the data is still there – it’s just unlinked from the file structure itself, so it doesn’t show up in a search or when viewing the contents of a hard drive or storage device through a file browser.

Great discussion! Looking forward to learning more for each of you!

God Bless,




Please Note:

The support ticket system is for technical questions and post-sale issues.


If you have pre-sale questions please use our chat feature or email .

Cybersecurity Certifications for Today's INFOSEC Careers

Mile2 Cybersecurity Certifications is a world-leader in providing accredited education, training, and certifications for INFOSEC professionals. We strive to deliver the best course ware, the strongest Cyber Range, and the most user-friendly exam system in the market.


Our training courses follow our role-based Certification Roadmap. Plus, many of our classes include hands-on skill development in our Cyber Range.  We train students in penetration testing,disaster recovery, incident handling, and network forensics.  Additionally, our Information Assurance training certification meets military, government, private sector and institutional specifications.  



We've developed training for...

Canada Army Navy Airforce

The Canadian Department of National Defense


The United States Air Force

Defense Logistics Agency

A United States Counterintelligence Agency

Texas Workforce Commission

Texas Workforce Commission

error: Alert: Content is protected !!