What are the main differences between computer forensics and cybersecurity?

• Cybersecurity: Prevents and stops security breaches and attacks.
• Computer Forensics: Investigates and analyzes incidents after they happen.

What are the six stages of a computer forensics examination?

• Readiness: Get ready for investigations with training and equipment.
• Evaluation: Understand the case, assign roles, and identify risks.
• Collection: Collect evidence like hard drives and interviews.
• Analysis: Study evidence to find out what happened and when.
• Presentation: Share findings and strategies for preventing future issues.
• Review: Look back, learn, and improve investigation methods.

References: https://www.wgu.edu/blog/computer-forensics2004.html