Computer Forensics—What Is It Good For?
Author: Ronald E. Kaplan
Affiliation: System Integration Consultants, Los Angeles, CA, USA
DOI: 10.1080/15567280801958464
Publication Frequency: 4 issues per year
Subjects: Computer Fraud, Hacking & Viruses; Computing & IT Security; Digital Forensics; Forensic Science - Law; Information & Communication Technology (ICT); Information Technology Law; Privacy & Data Protection; Software Engineering & Systems Development
Abstract
Computer forensic examiners need to combine art and science to produce the highest valued electronic data content. The wide variety of document types, tremendous volume of dissimilar media, operating systems, programs, and compaction and encryption algorithms all present daunting tasks for the examiner to efficiently organize, process, and filter. The art involves how to get to the core documents, the smoking gun. Individual disk drives, in and of themselves, are very large reservoirs of information. The investigator's job is to assist counsel in establishing priorities for searching drives, directories, and document types. This is where the experience of the examiner and the art of forensic examinations come in. The science involves the tools that capture, sort, and select the data for review by counsel. Further, there exists a wealth of knowledge about how computers operate and where programs and operating systems store data or encode information about where and when information was placed on a computer's hard drive. Experts who excel at combining the science with the art are the ones who are most helpful in assisting counsel in making arguments that win court decisions.
Keywords: expert testimony; computer forensics; spoliation; evidence
