Chapter 1. Understanding Digital Forensics
History of Digital Crime and Forensics
Types of Forensic Investigations
Chapter 2. Investigative Process Models
Digital Forensic Readiness Model
Section B. Digital Forensic Readiness
Chapter 4. Understanding Forensic Readiness
Digital Forensics and Information Security
Cost and Benefit of Forensic Readiness
Implementing Forensic Readiness
Chapter 5. Define Business Risk Scenarios
Chapter 6. Identify Potential Data Sources
Forensics in the System Development Life Cycle
Chapter 7. Determine Collection Requirements
Chapter 8. Establish Legal Admissibility
Chapter 9. Establish Secure Storage and Handling
Administrative Governance Foundations
Backup and Restoration Strategies
Chapter 10. Enable Targeted Monitoring
What is (Un)Acceptable Activity?
Traditional Security Monitoring
Chapter 11. Map Investigative Workflows
Incident Handling and Response
Chapter 12. Establish Continuing Education
Balancing Business Versus Technical Learning
Chapter 13. Maintain Evidence-Based Reporting
Inculpatory and Exculpatory Evidence
Chapter 14. Ensure Legal Review
Chapter 15. Accomplishing Forensic Readiness
Maintain a Business-Centric Focus
Appendix A: Investigative Process Models
Appendix B: Education and Professional Certifications
Appendix C: Tool and Equipment Validation Program
Appendix E: Cost–Benefit Analysis
Appendix I: Data Warehouse Introduction
Template A: Test Case Document
Template B: Investigator Logbook
Template C: Chain of Custody Tracking Form
Template D: Investigative Final Report
Template F: Business Case Document
Template H: Threat/Risk Assessment Report
Template I: Data Source Inventory Matrix
Template J: Project Charter Document