Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics

ISBN-10: 1597496618
ISBN-13: 9781597496612
Edition: 2012
Authors: John Sammons
Book details

List price: $29.95
Copyright year: 2012
Publisher: Elsevier Science & Technology Books
Publication date: 2/15/2012
Binding: Paperback
Pages: 208
Size: 7.50" wide x 9.25" long x 0.50" tall
Weight: 1.078
Language: English

The Basics of Digital Forensics will provide a foundation for people new to the digital forensics field. This book will teach people how to conduct examinations by discussing what Digital Forensics is, the methodologies used, and the tools needed to perform examinations. The audience will learn how to prepare an investigative plan, as well as how to prepare for courtroom testimony.

Learn all about what Digital Forensics entails
Build a toolkit and prepare an investigative plan
Understand the common artifacts to look for during an exam

John Sammons is an Assistant Professor at Marshall University in Huntington, West Virginia. John teaches digital forensics, electronic discovery, information security and technology in the Department of Integrated Science and Technology. He's also adjunct faculty with the Marshall University graduate forensic science program. He is also the founder and Director of the Appalachian Institute of Digital Evidence. AIDE is a non-profit organization that provides research and training for digital evidence professionals including attorneys, judges, law enforcement and information security practitioners in the private sector. John, a former police officer, is also an Investigator with the Cabell County Prosecuting Attorney's Office and a member of the FBI's West Virginia Cybercrime Task Force. He is an Associate Member of the American Academy of Forensic Sciences, the High Technology Crime Investigation Association, the Southern Criminal Justice Association and Infragard.

Preface
Acknowledgments
About The Author
About The Technical Editor
Introduction
Introduction
What Is Forensic Science?
What Is Digital Forensics?
Uses of Digital Forensics
Criminal Investigations
Civil Litigation
Intelligence
Administrative Matters
Locard's Exchange Principle
Scientific Method
Organizations of Note
Scientific Working Group on Digital Evidence
American Academy of Forensic Sciences
American Society of Crime Laboratory Directors/Laboratory Accreditation Board
National Institute of Standards and Technology (NIST)
American Society for Testing and Materials (ASTM)
Role of the Forensic Examiner in the Judicial System
The CSI Effect
Summary
References
Key Technical Concepts
Introduction
Bits, Bytes, and Numbering Schemes
Hexadecimal
Binary to Text: ASCII and Unicode
File Extensions and File Signatures
Storage and Memory
Magnetic Disks
Flash Memory
Optical Storage
Volatile versus Nonvolatile Memory
Computing Environments
Cloud Computing
Data Types
Active Data
Latent Data
Archival Data
File Systems
Allocated and Unallocated Space
Data Persistence
How Magnetic Hard Drives Store Data
Page File (or Swap Space)
Basic Computer Function - Putting it All Together
Summary
References
Labs and Tools
Introduction
Forensic Laboratories
Virtual Labs
Lab Security
Evidence Storage
Policies and Procedures
Quality Assurance
Tool Validation
Documentation
Digital Forensic Tools
Tool Selection
Hardware
Software
Accreditation
Accreditation versus Certification
Summary
References
Collecting Evidence
Introduction
Crime Scenes and Collecting Evidence
Removable Media
Cell Phones
Order of Volatility
Documenting the Scene
Photography
Notes
Chain of Custody
Marking Evidence
Cloning
Purpose of Cloning
The Cloning Process
Forensically Clean Media
Forensic Image Formats
Risks and Challenges
Value in eDiscovery
Live System versus Dead System
Live Acquisition Concerns
Advantage of Live Collection
Principles of Live Collection
Conducting and Documenting a Live Collection
Hashing
Types of Hashing Algorithms
Hashing Example
Uses of Hashing
Final Report
Summary
References
Windows System Artifacts
Introduction
Deleted Data
Hibernation File (Hiberfile.sys)
Sleep
Hibernation
Hybrid Sleep
Registry
Registry Structure
Attribution
External Drives
Print Spooling
Recycle Bin
Metadata
Removing Metadata
Thumbnail Cache
Most Recently Used (MRU)
Restore Points and Shadow Copy
Restore Points
Shadow Copies
Prefetch
Link Files
Installed Programs
Summary
References
Antiforensics
Introduction
Hiding Data
Encryption
What Is Encryption?
Early Encryption
Algorithms
Key Space
Some Common Types of Encryption
Breaking Passwords
Password Attacks
Brute Force Attacks
Password Reset
Dictionary Attack
Steganography
Data Destruction
Drive Wiping
Summary
References
Legal
Introduction
The Fourth Amendment
Criminal Law - Searches without a Warrant
Reasonable Expectation of Privacy
Private Searches
E-mail
The Electronic Communications Privacy Act (ECPA)
Exceptions to the Search Warrant Requirement
Searching with a Warrant
Seize the Hardware or Just the Information?
Particularity
Establishing Need for Off-Site Analysis
Stored Communications Act
Electronic Discovery (eDiscovery)
Duty to Preserve
Private Searches in the Workplace
Expert Testimony
Summary
References
Internet and E-Mail
Introduction
Internet Overview
Peer-to-Peer (P2P)
The INDEX.DAT File
Web Browsers - Internet Explorer
Cookies
Temporary Internet Files, a.k.a. web Cache
Internet History
Internet Explorer Artifacts in the Registry
Chat Clients
Internet Relay Chat (IRC)
ICQ "I Seek You"
E-Mail
Accessing E-mail
E-mail Protocols
E-mail as Evidence
E-mail - Covering the Trail
Tracing E-mail
Reading E-mail Headers
Social Networking Sites
Summary
References
Network Forensics
Introduction
Social Engineering
Network Fundamentals
Network Types
Network Security Tools
Network Attacks
Incident Response
Network Evidence and Investigations
Network Investigation Challenges
Summary
References
Mobile Device Forensics
Introduction
Cellular Networks
Cellular Network Components
Types of Cellular Networks
Operating Systems
Cell Phone Evidence
Call Detail Records
Collecting and Handling Cell Phone Evidence
Subscriber Identity Modules
Cell Phone Acquisition: Physical and Logical
Cell Phone Forensic Tools
Global Positioning Systems (GPS)
Summary
References
Looking Ahead: Challenges and Concerns
Introduction
Standards and Controls
Cloud Forensics (Finding/Identifying Potential Evidence Stored in the Cloud)
What Is Cloud Computing?
The Benefits of the Cloud
Cloud Forensics and Legal Concerns
Solid State Drives (SSD)
How Solid State Drives Store Data
The Problem: Taking out the Trash
Speed of Change
Summary
References
Index
