Chapter 14. Introduction to Forensics

Chapter Objectives

After reading this chapter and completing the exercises, you will be able to do the following:

• Understand basic forensics principles

• Make a forensic copy of a drive

• Use basic forensics tools


In the preceding 13 chapters, you have been introduced to a variety of security topics: from concepts like the CIA triangle, to attacks such as session hijacking, to counter measures like IDS and honey pots. In this chapter, we are going to cover the basics of computer forensics. This is a very important topic for anyone involved in computer security or network administration. It is frequently the case that the first responder to a computer crime is the network administrator, not ...

Get Computer Security Fundamentals, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.