Chapter 14. Introduction to Forensics

Chapter Objectives

After reading this chapter and completing the exercises, you will be able to do the following:

• Understand basic forensics principles

• Make a forensic copy of a drive

• Use basic forensics tools

Introduction

In the preceding 13 chapters, you have been introduced to a variety of security topics: from concepts like the CIA triangle, to attacks such as session hijacking, to counter measures like IDS and honey pots. In this chapter, we are going to cover the basics of computer forensics. This is a very important topic for anyone involved in computer security or network administration. It is frequently the case that the first responder to a computer crime is the network administrator, not ...

Get Computer Security Fundamentals, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.