Computer Forensics: Principles & Practices
Master the techniques for gathering electronic evidence and explore the new frontier of crime investigation.
The demand for computer forensics experts greatly exceeds the supply. With the rapid growth of technology in all parts of our lives, criminal activity must be tracked down and investigated using electronic methods that require up-to-date techniques and knowledge of the latest software tools. Authors Linda Volonino, Jana Godwin, and Reynaldo Anzaldua share their expertise to give you the legal, technical, and investigative skills you need to launch your career in computer forensics. You can also use Computer Forensics: Principles and Practices to help you advance in careers such as criminal justice, accounting, law enforcement, and federal investigation.
Computer Forensics: Principles and Practices gives you an in-depth understanding of:
* Using the correct investigative tools and procedures to maximize effectiveness of evidence gathering.
* Keeping evidence in pristine condition so it will be admissible in a legal action.
* Investigating large-scale attacks such as identity theft, fraud, phishing, extortion, and malware infections.
* The legal foundations for proper handling of traditional and electronic evidence such as the Federal Rules of Evidence and Procedure as well as the Fourth Amendment and other laws regarding search warrants and civil rights.
* Practical tools such as FTK, EnCase, Passware, Ethereal, LADS, WinHex, GIMP, Camouflage, and Snort.
This book is filled with tools to help you move beyond simply learning concepts and help you apply them. These tools include:
* In Practice tutorials: Apply concepts and learn by doing.
* Exercises and Projects: Assignments show you how to employ your new skills.
* Case Studies: Apply what you learn in real-world scenarios.
The companion Web site (www.prenhall.com/security) includes:
* Additional testing materials and projects to reinforce book lessons.
* Downloadable checklists and templates used in the book.
* Links to additional topics and resources to assist you in your professional development.
CONTENTS:
Contents in Brief
PART ONE: Admissibility of Electronic Evidence
* Forensic Evidence and Crime Investigation
* Computer Forensics and Digital Detective Work
PART TWO: Preparing for E-Evidence Collection and Preservation
* Tools, Environments, Equipment, and Certifications
* Policies and Procedures
* Data, PDA, and Cell Phone Forensics
PART THREE: Forensic Examination of Computers and Digital and Electronic Media
* Operating Systems and Data Transmission Basics for Digital Investigations
* Investigating Windows, Linux, and Graphics Files
* E-Mail and Webmail Forensics
PART FOUR: Detecting Intrusions, Malware, and Fraud
* Internet and Network Forensics and Intrusion Detection
* Tracking Down Those Who Intend to Do Harm on a Large Scale
* Fraud and Forensic Accounting Investigation
PART FIVE: Legal, Ethical, and Testimony Topics
* Federal Rules and Criminal Codes
* Ethical and Professional Responsibility in Testimony
Appendix A: Online Resources
Appendix B: Government and Legal References
Appendix C: Sample Legal Forms, Letters, and Motions
Appendix D: Summaries of Court Cases
Glossary
References
Index