When investigating a computer forensics case where Microsoft Exchange and Blackberry Enterprise server are used, where would investigator need to search to find email sent from a Blackberry device?

In a digital forensics investigation involving a data breach at a large corporation, the lead investigator is preparing to obtain a search warrant for seizing potential evidence. She needs to decide which type of warrant is appropriate given that the main suspect s activities seem to have involved significant online communication and data transfer. Which of the following actions should she take?

Which tool allows dumping the contents of process memory without stopping the process?

During an investigation, an employee was found to have deleted harassing emails that were sent to someone else. The company was using Microsoft Exchange and had message tracking enabled. Where could the investigator search to find the message tracking log file on the Exchange server?

In Windows, prefetching is done to improve system performance. There are two types of prefetching:
boot prefetching and application prefetching.
During boot prefetching, what does the Cache Manager do?