Digital Archaeology · the Art and Science of Digital Forensics (Jason Arnold's Library) by Graves, Michael W. -- Read -- Imperial Library of Trantor

Index

About This eBook Title Page Copyright Page Dedication Page Contents Preface

Why This Book? Who Will Benefit from This Book? Who Will NOT Benefit from This Book? How This Book Is Organized Understanding the Book’s Format The Need for Professionals Certification Programs for Forensics Professionals A Personal Note on Certification Programs Acknowledgments

About the Author 1. The Anatomy of a Digital Investigation

A Basic Model for Investigators Understanding the Scope of the Investigation Identifying the Stakeholders The Art of Documentation Chapter Review Chapter Exercises References

2. Laws Affecting Forensic Investigations

Constitutional Implications of Forensic Investigation The Right to Privacy The Expert Witness Chapter Review Chapter Exercises References

3. Search Warrants and Subpoenas

Distinguishing between Warrants and Subpoenas What Is a Search and When Is It Legal? Basic Elements of Obtaining a Warrant The Plain View Doctrine The Warrantless Search Subpoenas Chapter Review Chapter Exercises References

4. Legislated Privacy Concerns

General Privacy Financial Legislation Privacy in Health Care and Education Privileged Information Chapter Review Chapter Exercises References

5. The Admissibility of Evidence

What Makes Evidence Admissible? Keeping Evidence Authentic Defining the Scope of the Search When the Constitution Doesn’t Apply Chapter Review Chapter Exercises References

6. First Response and the Digital Investigator

Forensics and Computer Science Controlling the Scene of the Crime Handling Evidence Chapter Review Chapter Exercises References

7. Data Acquisition

Order of Volatility Memory and Running Processes Acquiring Media Chapter Review Chapter Exercises References

8. Finding Lost Files

File Recovery The Deleted File Data Carving Chapter Review Chapter Exercises References

9. Document Analysis

File Identification Understanding Metadata Mining the Temporary Files Identifying Alternate Hiding Places of Data Chapter Review Chapter Exercises References

10. E-mail Forensics

E-mail Technology Information Stores The Anatomy of an E-mail An Approach to E-mail Analysis Chapter Review Chapter Exercises References

11. Web Forensics

Internet Addresses Web Browsers Web Servers Proxy Servers Chapter Review Chapter Exercises References

12. Searching the Network

An Eagle’s Eye View Initial Response Proactive Collection of Evidence Post-Incident Collection of Evidence Router and Switch Forensics Chapter Review Chapter Exercises References

13. Excavating a Cloud

What Is Cloud Computing? Shaping the Cloud The Implications of Cloud Forensics On Virtualization Constitutional Issues Chapter Review Chapter Exercises References

14. Mobile Device Forensics

Challenges of Mobile Device Forensics How Cell Phones Work Data Storage on Cell Phones Acquisition and Storage Legal Aspects of Mobile Device Forensics Chapter Review Chapter Exercises References

15. Fighting Antiforensics

Artifact Destruction Hiding Data on the System Covert Data Chapter Review Chapter Exercises References

16. Litigation and Electronic Discovery

What Is E-Discovery? A Roadmap of E-Discovery Conclusion Chapter Review Chapter Exercises References

17. Case Management and Report Writing

Managing a Case Writing Reports Chapter Review Chapter Exercises References

18. Tools of the Digital Investigator

Software Tools Working with “Court-Approved” Tools Hardware Tools Nontechnical Tools Chapter Review Chapter Exercises References

19. Building a Forensic Workstation

What Is a Forensic Workstation? Commercially Available Forensic Workstations Building a Forensic Workstation From Scratch Chapter Review Chapter Exercises References

20. Licensing and Certification

Digital Forensic Certification Vendor-Neutral Certification Programs Vendor-Specific Certification Programs Digital Forensic Licensing Requirements Chapter Review Chapter Exercises References

21. The Business of Digital Forensics

Starting a New Forensics Organization Maintaining the Organization Generating Revenue Organizational Certification Chapter Review Chapter Exercises References

A. Chapter Review Answers

Chapter 1 Chapter 2 Chapter 3 Chapter 4 Chapter 5 Chapter 6 Chapter 7 Chapter 8 Chapter 9 Chapter 10 Chapter 11 Chapter 12 Chapter 13 Chapter 14 Chapter 15 Chapter 16 Chapter 17 Chapter 18 Chapter 19 Chapter 20 Chapter 21

B. Sample Forms

Sample Search Warrant Sample Subpoena Sample Case Log Sample Chain of Custody Physical Disk Information Forensic Imaging Data Provide legible photographs of physical disk

Glossary Index

← Prev
Back
Next →

← Prev
Back
Next →