NCJ Number
231623
Date Published
September 2010
Length
68 pages
Annotation
This report, prepared by the Office of Law Enforcement Standards of the National Institute of Standards and Technology, presents the results from testing SubRosaSoft MacForensicsLab 2.5.5 against the Digital Data Acquisition Tool Assertions and Test Plan Version 1.0.
Abstract
Results of the tests found that the SubRosaSoft MacForensicsLab 2.5.5 "acquired source drives completely and accurately except for in the cases where source drives containing faulty sectors were imaged or where a source drive containing a Host Protected Area (HPA) was imaged through a vendor-recommend write blocker." Detailed information is presented on anomalies that were observed during testing. This report is divided into five sections: Section 1 contains a summary of the results from the test runs; Section 2 provides justification for the selection of test cases from the set of possible cases defined in the test plan for Digital Data Acquisition tools; Section 3 describes in greater detail any anomalies summarized in the first section of the report; Section 4 contains a listing of hardware and software used to run the test cases with links to additional information about the items used; and Section 5 contains a description of each test case that was run with a list of all test assertions used in the test case, the expected result and the actual result. Tables
Date Published: September 1, 2010