ACPO Abbrev - Association of Chief Police Officers.

BiOS Abbrev - Basic Input Output System

Directory(ies) - see Folder

False Positive - where a keyword has been found in an incorrect set of circumstances e.g. a search on “teen” discovers the word “springsteen”).

Folder(s) - A virtual storage area on any piece of media created either by the user, the operating system or a software application. A folder may contain another folder.

GB Abbrev - see GigaByte

GigaByte - Unit of measure typically referring to the capacity of a piece of media e.g. a Hard Disk or the size of a file on a piece of media. 1GigaByte is equivalent to 1024 MegaByte (MB)

Hard Disk - A piece of media usually found inside the computer, which is used as the primary method of file storage, contained.

Hard Drive - see Hard Disk

Hash (Md5) - An MD5 hash value is a number generated through a defined algorithmic formula which generates a unique identifier for any file. This value effectively becomes a digital fingerprint allowing the file to be uniquely identified. The odds that two files with differing contents would generate the same hash value are 2128. By generating hash values of known files (e.g. files known to part of a legitimate piece of software or alternatively a file known to contain indecent material) and compiling these into a library, files analysed as part of a case and subsequently cross referenced against a known hash library, Files can be included or excluded as appropriate from the case.

Hash Analysis - The comparison of Hashes generated in a case against a known hash library.

Image [forensic] - A reference to a forensically sound copy of original evidence including unused space.

Image - A reference to a file, which contains a picture or graphic.

MB Abbrev – see MegaByte

MD5 [Hash] - see Hash

Media - A reference to any type of storage medium e.g. Hard Disk, Floppy Disk, Zip Disk, USB thumb drive.

MegaByte - Unit of measure typically referring to the capacity of a piece of media e.g. a Hard Disk or the size of a file on a piece of media. 1 megabyte (MB) is equivalent to 1024 kilobytes (KB).

SAP - Sentencing Advisory Panel

Signature (File) - Many, but not all, file types contain a few bytes of information at the beginning that identifies the file category it belongs to (e.g. graphics, audio, movies or text etc.) Most graphics files have a unique signature and this allows the true category of a file to be determined regardless of whether the file [extension] has been renamed in an attempt to disguise it’s true contents.

Signature Analysis - An analysis of files to determine whether the file extension matches the file signature. Files that appear mismatched following analysis may indicate an attempt to disguise the true content of it. E.g. where a file containing an image has its file extension renamed to give it the appearance of a text document.

Signature - see Signature (File)

Working Copy - The copy or image of the piece(s) of original evidence, which is used for analysis in order to preserve the integrity of the original media. See Image also.

Write Block - A device which when connected to a piece of media prevents writes (changes) to it.