Forensic Mode Questions

Hi guys, I have a couple of questions about the live forensic mode boot option in Kali. I'm a bit of a computer noob, so I'm sorry if these are stupid questions!

It says that the key difference in forensic mode is that the hard disc is never touched, however I was under the impression that this was already the case when using a live boot cd/USB. Am I mistaken, or is forensic mode simply a bit more restrictive in terms of letting you mount the hard disc by choice?

Also, assuming I was to boot in forensic mode, would this still allow me to access my persistent storage on the cd/USB?

https://docs.kali.org/general-use/ka...forensics-mode

I have read the documentation, and that is what prompted my question. When it says the hard disc is never touched, how does this differ from booting in a regular live mode, as I was under the impression that the hard disc wouldn't be touched anyway? Am I wrong?

The auto-mount option for all the storage device is disabled unless you explicitly request to mount your HDD using mount /dev/sda* /mnt.

Generally USB devices are auto-mounted but in forensic mode even that won't work to prevent theft of information.

Test this yourself.