Book description
Electronic discovery refers to a process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a legal case. Computer forensics is the application of computer investigation and analysis techniques to find out exactly what happened on a computer and who was responsible. IDC estimates that the U.S. market for computer forensics will grow from $252 million in 2004 to $630 million by 2009. Business is strong outside the United States as well: by 2011, the estimated international market will be $1.8 billion. The Techno Forensics Conference has increased in size by almost 50% in its second year, another example of the rapid growth in the market. This book is the first to combine cybercrime and digital forensic topics to provide law enforcement and IT security professionals with the information needed to manage a digital investigation. Everything needed for analyzing forensic data and recovering digital evidence can be found in one place, including instructions for building a digital forensics lab.
* Digital investigation and forensics is a growing industry
* Corporate I.T. departments investigating corporate espionage and criminal activities are learning as they go and need a comprehensive guide to e-discovery
* Appeals to law enforcement agencies with limited budgets
Table of contents
- Copyright
- Contributing Authors
- 1. Computer Forensics in Today’s World
- Introduction
- History of Forensics
- Objectives of Computer Forensics
- Computer-Facilitated Crimes
- Reasons for Cyber Attacks
- Computer Forensic Flaws and Risks
- Rules of Computer Forensics
- Approach the Crime Scene
- Where and When Do You Use Computer Forensics?
- Legal Issues
- The Computer Forensics Lab
- Laboratory Strategic Planning for Business
- Elements of Facilities Build-out
- Electrical and Power Plant Considerations
- Essential Laboratory Tools
- 2. Digital Forensics: An Overview
- Introduction
- Digital Forensic Principles
- Digital Environments
- Digital Forensic Methodologies
- Summary
- Solutions Fast Track
- Frequently Asked Questions
- 3. Developing an Enterprise Digital Investigative/Electronic Discovery Capability
- Introduction
- Identifying Requirements for an Enterprise Digital Investigative/Electronic Discovery Capability
- Administrative Considerations for an Enterprise Digital Investigative/Electronic Discovery Capability
- Identifying Resources (Software/Hardware/Facility) for Your Team
- Summary
- References
- Frequently Asked Questions
- 4. Integrating a Quality Assurance Program in a Digital Forensic Laboratory
- Introduction
- Quality Planning, Quality Reviews, and Continuous Quality Improvement
- Other Challenges: Ownership, Responsibility and Authority
- Summary
- Frequently Asked Questions
- 5. Balancing E-discovery Challenges with Legal and IT Requirements
- Introduction
- Drivers of E-discovery Engineering
- Locations, Forms and Preservation of Electronically Stored Information
- Legal and IT Team Considerations for Electronic Discovery
- Are You Litigation Ready?
- E-discovery Tools
- Summary
- Frequently Asked Questions
- 6. Forensic Software and Hardware
- Introduction
- Part 1: Forensic Software Tools
- Part 2: Forensic Hardware Tools
- Summary
- Frequently Asked Questions
- 7. Incident Response: Live Forensics and Investigations
- 8. Seizure of Digital Information
- Introduction
- Defining Digital Evidence
- Digital Evidence Seizure Methodology
- Factors Limiting the Wholesale Seizure of Hardware
- Factors Limiting Wholesale Seizure: Size of Media
- Factors Limiting Wholesale Seizure: Disk Encryption
- Factors Limiting Wholesale Seizure: Privacy Concerns
- Factors Limiting Wholesale Seizure: Delays Related to Laboratory Analysis
- Protecting the Time of the Most Highly Trained Personnel
- The Concept of the First Responder
- Other Options for Seizing Digital Evidence
- Responding to a Victim of a Crime Where Digital Evidence Is Involved
- Seizure Example
- Previewing Information On-scene to Determine the Presence and Location of Evidentiary Data Objects
- Obtaining Information from a Running Computer
- Imaging Information On-Scene
- Imaging Finite Data Objects On-Scene
- Use of Tools for Digital Evidence Collection
- Common Threads within Digital Evidence Seizure
- Determining the Most Appropriate Seizure Method
- Summary
- Works Cited
- Frequently Asked Questions
- 9. Conducting Cyber Investigations
- 10. Acquiring Data, Duplicating Data, and Recovering Deleted Files
- Introduction
- Recovering Deleted Files and Deleted Partitions
- Deleting Files
- Recycle Bin
- Data Recovery in Linux
- Recovering Deleted Files
- Deleted File Recovery Tools
- Undelete Tools
- Undelete
- Active@ Data Recovery Software
- R-Undelete
- Easy-Undelete
- WinUndelete
- Restoration
- Mycroft V3
- Recover My Files
- eData Unerase
- Recover4all Professional
- File Scavenger
- VirtualLab
- File Recover
- Badcopy Pro
- Zero Assumption Recovery
- SUPERFileRecover
- DiskInternals Uneraser and NTFS Recovery
- PC Inspector File Inspector
- Search and Recover
- O&O Unerase
- Filesaver
- Stellar Phoenix
- Restorer 2000
- R-linux
- PC ParaChute
- Recycle Bin Replacements
- CD/DVD Data Recovery
- Microsoft Office Repair and Recovery
- Compressed Files
- Deleted Images
- Undelete Tools
- Recovering Deleted Partitions
- Deleted Partition Recovery Tools
- Data Acquisition and Duplication
- Summary
- Frequently Asked Questions
- 11. Forensic Discovery and Analysis Using BackTrack
- 12. Windows, Linux, and Macintosh Boot Processes
- 13. Windows and Linux Forensics
- Introduction
- Windows Forensics
- Linux Forensics
- Summary
- Frequently Asked Questions
- 14. Investigating Network Traffic and Investigating Logs
- Introduction
- Overview of the OSI Model
- Network Addresses and NAT
- Network Information-Gathering Tools
- Snort
- Monitoring User Activity
- Summary
- Frequently Asked Questions
- 15. Router Forensics and Network Forensics
- 16. Investigating Wireless Attacks
- 17. E-mail Forensics
- Introduction
- Where to Start?
- Forensic Acquisition
- Processing Local Mail Archives
- 18. Steganography and Application Password Crackers
- Introduction
- Classification of Steganography
- Six Categories of Steganography in Forensics
- Types of Steganography
- Application of Steganography
- Hiding in Network Packets
- Issues in Information Hiding
- Steg Tools
- Steganography vs. Watermarking
- Attacking Watermarking
- Detecting and Attacking Steganography
- Application Password Cracking
- Summary
- 19. PDA and Blackberry
- 20. MP3 Forensics
Product information
- Title: The Best Damn Cybercrime and Digital Forensics Book Period
- Author(s):
- Release date: April 2011
- Publisher(s): Syngress
- ISBN: 9780080556086