Introduction to Forensics
After reading this chapter and completing the exercises, you will be able to do the following:
Understand basic forensics principles.
Understand forensic procedures.
Make a forensic copy of a drive.
Use basic forensics tools.
Perform basic forensic tasks.
Throughout this book we have explored many aspects of network security. We have examined threats and countermeasures, firewalls, antivirus, IDS, cyber terrorism, policies, and more. However, your network security knowledge is incomplete without at least a basic understanding of computer forensics. The reason for this is simple: The first responders to computer crimes are usually the network administrators and tech support ...