Book description
An explanation of the basic principles of data
This book explains the basic principles of data as building blocks of electronic evidential matter, which are used in a cyber forensics investigations. The entire text is written with no reference to a particular operation system or environment, thus it is applicable to all work environments, cyber investigation scenarios, and technologies. The text is written in a step-by-step manner, beginning with the elementary building blocks of data progressing upwards to the representation and storage of information. It inlcudes practical examples and illustrations throughout to guide the reader.
Table of contents
- Cover
- Contents
- Title
- Copyright
- Dedication
- Preface
- Acknowledgments
-
Chapter One: The Fundamentals of Data
- Base 2 Numbering System: Binary and Character Encoding
- Communication in a Two-State Universe
- Electricity and Magnetism
- Building Blocks: The Origins of Data
- Growing the Building Blocks of Data
- Moving Beyond Base 2
- American Standard Code for Information Interchange
- Character Codes: The Basis for Processing Textual Data
- Extended ASCII and Unicode
- Summary
- Notes
- Chapter Two: Binary to Decimal
- Chapter Three: The Power of HEX: Finding Slivers of Data
-
Chapter Four: Files
- Opening
- Files, File Structures, and File Formats
- File Extensions
- Changing a File’s Extension to Evade Detection
- Files and the HEX Editor
- File Signature
- ASCII is not Text or HEX
- Value of File Signatures
- Complex Files: Compound, Compressed, and Encrypted Files
- Why do Compound Files Exist?
- Compressed Files
- Forensics and Encrypted Files
- The Structure of Ciphers
- Summary
- Notes
- Appendix 4A: Common File Extensions
- Appendix 4B: File Signature Database
- Appendix 4C: Magic Number Definition
- Appendix 4D: Compound Document Header
- Chapter Five: The Boot Process and the Master Boot Record (MBR)
- Chapter Six: Endianness and the Partition Table
- Chapter Seven: Volume versus Partition
-
Chapter Eight: File Systems—FAT 12/16
- Tech Review
- File Systems
- Metadata
- File Allocation Table (FAT) File System
- Slack
- HEX Review Note
- Directory Entries
- File Allocation Table (FAT)
- How is Cluster Size Determined?
- Expanded Cluster Size
- Directory Entries and the FAT
- FAT Filing System Limitations
- Directory Entry Limitations
- Summary
- Appendix 8A: Partition Table Fields
- Appendix 8B: File Allocation Table Values
- Appendix 8C: Directory Entry Byte Offset Description
- Appendix 8D: FAT 12/16 Byte Offset Values
- Appendix 8E: FAT 32 Byte Offset Values
- Appendix 8F: The Power of 2
- Chapter Nine: File Systems—NTFS and Beyond
- Chapter Ten: Cyber Forensics: Investigative Smart Practices
- Chapter Eleven: Time and Forensics
-
Chapter Tweleve: Investigation: Incident Closure
- Forensic Investigative Smart Practices
- Step 5: Investigation (Continued)
- Step 6: Communicate Findings
- Characteristics of a Good Cyber Forensic Report
- Report Contents
- Step 7: Retention and Curation of Evidence
- Step 8: Investigation Wrap-Up and Conclusion
- Investigator’s Role as an Expert Witness
- Summary
- Notes
- Chapter Thirteen: A Cyber Forensic Process Summary
- Appendix
- Glossary
- About the Authors
- Index
Product information
- Title: Cyber Forensics: From Data to Digital Evidence
- Author(s):
- Release date: May 2012
- Publisher(s): Wiley
- ISBN: 9781118273661
You might also like
book
Investigating the Cyber Breach: The Digital Forensics Guide for the Network Engineer, First Edition
Investigating the Cyber Breach The Digital Forensics Guide for the Network Engineer Understand the realities of …
book
Practical Cyber Forensics: An Incident-Based Approach to Forensic Investigations
Become an effective cyber forensics investigator and gain a collection of practical, efficient techniques to get …
book
Cyber Forensics, 2nd Edition
Updating and expanding information on concealment techniques, new technologies, hardware, software, and relevant new legislation, this …
book
Digital Forensics and Internet of Things
DIGITAL FORENSICS AND INTERNET OF THINGS It pays to be ahead of the criminal, and this …