The Basics of Digital Forensics, The Primer for Getting Started in Digital Forensics by Sammons, John -- Read -- Imperial Library of Trantor

Index

Cover Title page Table of Contents Copyright Dedication Preface Acknowledgments Chapter 1: Introduction

Abstract Introduction What is forensic science? What is digital forensics? Uses of digital forensics The digital forensics process Locard’s exchange principle Scientific method Organizations of note Role of the forensic examiner in the judicial system Summary

Chapter 2: Key technical concepts

Abstract Introduction Bits, bytes, and numbering schemes File extensions and file signatures Storage and memory Computing environments Data types File systems Allocated and unallocated space How magnetic hard drives store data Summary

Chapter 3: Labs and tools

Abstract Introduction Forensic laboratories Policies and procedures Quality assurance Digital forensic tools Additional resources Alert! Accreditation Summary

Chapter 4: Collecting evidence

Abstract Introduction Crime scenes and collecting evidence Alert! Alert! Documenting the scene Chain of custody Cloning Alert! Live system versus dead system More advanced Alert! Hashing Final report Summary

Chapter 5: Windows system artifacts

Abstract Introduction Deleted data More advanced Hibernation file (hiberfile.sys) Registry Print spooling Recycle bin Alert! More advanced Metadata Alert! Thumbnail cache Most recently used Restore points and shadow copy Prefetch Link files Summary

Chapter 6: Anti-forensics

Abstract Introduction Hiding data Password attacks Additional resources Steganography Data destruction More advanced Summary

Chapter 7: Legal

Abstract Introduction The fourth amendment Criminal law—searches without a warrant More advanced Alert! Searching with a warrant Electronic discovery Alert! Expert testimony Additional resources Summary

Chapter 8: Internet and e-mail

Abstract Introduction Internet overview Additional resources More advanced Web browsers—Internet Explorer More advanced E-mail Alert! Social networking sites Additional resources Summary

Chapter 9: Network forensics

Abstract Introduction Network fundamentals Network security tools Network attacks Alert! Incident response Network evidence and investigations Additional resources Summary

Chapter 10: Mobile device forensics

Abstract Introduction Cellular networks Operating systems Cell phone evidence Cell phone forensic tools Global positioning systems Summary

Chapter 11: Looking ahead: challenges and concerns

Abstract Introduction Standards and controls Cloud forensics Additional resources Alert! Solid state drives More advanced Speed of change Additional resources Summary

Index

← Prev
Back
Next →

← Prev
Back
Next →