Answer should be original, and similarity (plagiarism) not more than 10% this is very very very important otherwise I will be in trouble. Answer should be a clear explanation and should be clear...

In many cases the investigators gained remote access to the host that a computer intruder was using
to launch attacks and then e-mailed themselves evidence gathered from the remote host. Although
this approach is convenient, it complicates the chain of custody, makes it more difficult to confirm
the integrity of the digital evidence, and May not work at all if the e-mail is not delivered. Therefore,
when collecting evidence from the remote machine, use multiple methods to obtain two or more
copies of the evidence. For instance display the contents of text files on screen so that they are
recorded by whatever logging program the examiner is using and transfer files directly from the
remote host to a collection system whenever possible.
Ultimately, the measures one takes to preserve digital evidence depend on the type of evidence, the
severity of the crime, and the importance of the evidence to the investigation. In some situations, it
is sufficient to take print screens and make a copy of information from the Internet. In other
situations like when there are too many files to copy individually, or when the charges are especially
serious such as murder, it becomes necessary to size the...