Synopses & Reviews
Master the skills necessary to launch and complete a successful computer investigation with the updated fourth edition of this popular book, GUIDE TO COMPUTER FORENSICS AND INVESTIGATIONS. This resource guides readers through conducting a high-tech investigation, from acquiring digital evidence to reporting its findings. Updated coverage includes new software and technologies as well as up-to-date reference sections, and content includes how to set up a forensics lab, how to acquire the proper and necessary tools, and how to conduct the investigation and subsequent digital analysis. It is appropriate for students new to the field, or as a refresher and technology update for professionals in law enforcement, investigations, or computer security. The book features free downloads of the latest forensic software, so readers can become familiar with the tools of the trade.
About the Author
Bill Nelson has been a computer forensics examiner for a Fortune 50 company for the past 12 years and has developed high-tech investigation programs for professional organizations and colleges. His previous experience includes AFIS software engineering and reserve police work. Amelia Phillips is a graduate of the Massachusetts Institute of Technology and has worked for more than 30 years in government, private industry, and academics. She has designed distance education classes and e-commerce, computer forensics, and network security programs at several community colleges. Amelia is Chair of the Pure and Applied Science Division at Highline Community College, a Fulbright Scholar, and a recent PhD in computer security. Christopher Steuart is one of the founders and the staff attorney for IT Forensics.com. Previously, he was an information systems security specialist for a Fortune 50 company and the United States government. Chris resides in Seattle, Washington.
Table of Contents
1: Computer Forensics and Investigation Processes. 2: Understanding Computing Investigations. 3: The Investigator's Office and Laboratory. 4: Data Acquisitions. 5: Processing Crime and Incident Scenes. 6: Working with Windows and DOS Systems. 7: Current Computer Forensics Tools. 8: Macintosh and Linux Boot Processes and File Systems. 9: Computer Forensics Analysis. 10: Recovering Graphics Files. 11: Virtual Machines, Network Forensics, and Live Acquisitions. 12: E-mail Investigations. 13: Cell Phone and Mobile Device Forensics. 14: Report Writing for High-Tech Investigations. 15: Expert Testimony in High-Tech Investigations. 16: Ethics and High-Tech Investigations. Appendix A: Certification and Testing Processes for Computer Forensics. Appendix B: ComputerForensics References. Appendix C: Computer Forensics Lab Configuration. Appendix D: DOS-Based Computer Forensics Tools.