
Cyber Forensics

A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition, 2nd Edition

By Albert Marcella, Jr., Doug Menendez

Auerbach Publications

528 pages | 124 B/W Illus.

Hardback: 9780849383281
pub: 2007-12-19
eBook (VitalSource) : 9780429105500
pub: 2010-12-19


Designed as an introduction and overview to the field, Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition integrates theory and practice to present the policies, procedures, methodologies, and legal ramifications and implications of a cyber forensic investigation. The authors guide you step-by-step through the basics of investigation and introduce the tools and procedures required to legally seize and forensically evaluate a suspect machine.

Updating and expanding information on concealment techniques, new technologies, hardware, software, and relevant new legislation, this second edition delineates the scope and goals of cyber forensics to reveal and track legal and illegal activity. Beginning with an introduction and definition of cyber forensics, chapters explain the rules of evidence and chain of custody in maintaining legally valid electronic evidence. They describe how to begin an investigation and employ investigative methodology, as well as establish standard operating procedures for the field and cyber forensic laboratory. The authors provide an in-depth examination of the manipulation of technology to conceal illegal activities and the use of cyber forensics to uncover them. They discuss topics and issues such as conducting a cyber forensic investigation within both the local and federal legal framework, and evaluating the current data security and integrity exposure of multifunctional devices.

Cyber Forensics includes details and tips on taking control of a suspect computer or PDA and its "operating" environment, mitigating potential exposures and risks to chain of custody, and establishing and following a flowchart for the seizure of electronic evidence. An extensive list of appendices includes websites, organizations, pertinent legislation, further readings, best practice recommendations, more information on hardware and software, and a recap of the federal rules of civil procedure.

Table of Contents


Cyber Forensic Tools and Utilities

Concealment Techniques

Hardware: Model System Platforms

Software: Operating Systems, Network Traffic, and Applications

Standard Operating Procedures: Digital Forensic Laboratory Accreditation Standards

Performing a Cyber Forensic Investigation: Flowchart for the Seizure of Electronic Evidence and Associated Internal Control Questionnaire

Privacy and Cyber Forensics: An Australian Perspective

The Forensic Black Bag

Digital Multifunctional Devices: Forensic Value and Corporate Exposure

Cyber Forensics and the Law: Legal Considerations

Cyber-Forensics and the Changing Face of Investigating Criminal Behavior

Electronically Stored Information and Cyber Forensics

Cyber Forensic Awareness: Management Survey


Computer Forensic Web Sites

Cyber Crime and Forensic Organizations

Cyber Forensic Training Resources List

Pertinent Legislation

Recommended Readings

Management Assessment: 20 Questions

Flowchart for the Seizure of a Personal Digital Assistant

Additional Information: Computer Hardware

Questions that Every Cyber Investigator Should Ask Before, During, and After an Investigation

Cyber Forensic Best Practice Recommendations

Stenography Tools

Forensic Resources - Literature and Selected Readings

Forensic Online Resources

Locating Forensic Data in Windows Registries

The Sedona Principles for Electronic Document Production

Recap of Federal Rules of Civil Procedure Involving E-Discovery Amendments

Selected Acronyms

Generic Cellular Telephone Search Warrants

Generic Computer Search Warrant

Generic Affidavit for Search Warrant

Appendix U: Configuring the Investigator's Forensic Analysis Machine

Generic Search Warrant

Statement of Underlying Facts and Circumstances

Generic State Court Order-Seizure of Electronic Hardware and Records

Consent to Search

Forensic Case Study: Files from the Field

Glossary of Terms

Subject Categories

BISAC Subject Codes/Headings:
COMPUTERS / Information Technology
COMPUTERS / Security / General
LAW / Forensic Science