Examination

Examination definition in Computer Security terms:

Acronym(s): None

Definition(s): A technical review that makes the evidence visible and suitable for analysis; as well as tests performed on the evidence to determine the presence or absence of specific data.
Source(s): NIST SP 800-101 Rev. 1

A technical review that makes the evidence visible and suitable for analysis; tests performed on the evidence to determine the presence or absence of specific data.
Source(s): NIST SP 800-72

The second phase of the computer and network forensics process, which involves forensically processing large amounts of collected data using a combination of automated and manual methods to assess and extract data of particular interest, while preserving the integrity of the data.
Source(s): NIST SP 800-86

Synonym(s): None

 

reference: CSRC Glossary