2nd Edition
Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition
Designed as an introduction and overview to the field, Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition integrates theory and practice to present the policies, procedures, methodologies, and legal ramifications and implications of a cyber forensic investigation. The authors guide you step-by-step through the basics of investigation and introduce the tools and procedures required to legally seize and forensically evaluate a suspect machine.
Updating and expanding information on concealment techniques, new technologies, hardware, software, and relevant new legislation, this second edition delineates the scope and goals of cyber forensics to reveal and track legal and illegal activity. Beginning with an introduction and definition of cyber forensics, chapters explain the rules of evidence and chain of custody in maintaining legally valid electronic evidence. They describe how to begin an investigation and employ investigative methodology, as well as establish standard operating procedures for the field and cyber forensic laboratory. The authors provide an in-depth examination of the manipulation of technology to conceal illegal activities and the use of cyber forensics to uncover them. They discuss topics and issues such as conducting a cyber forensic investigation within both the local and federal legal framework, and evaluating the current data security and integrity exposure of multifunctional devices.
Cyber Forensics includes details and tips on taking control of a suspect computer or PDA and its "operating" environment, mitigating potential exposures and risks to chain of custody, and establishing and following a flowchart for the seizure of electronic evidence. An extensive list of appendices includes websites, organizations, pertinent legislation, further readings, best practice recommendations, more information on hardware and software, and a recap of the federal rules of civil procedure.
Cyber Forensic Tools and Utilities
Concealment Techniques
Hardware: Model System Platforms
Software: Operating Systems, Network Traffic, and Applications
Standard Operating Procedures: Digital Forensic Laboratory Accreditation Standards
Performing a Cyber Forensic Investigation: Flowchart for the Seizure of Electronic Evidence and Associated Internal Control Questionnaire
Privacy and Cyber Forensics: An Australian Perspective
The Forensic Black Bag
Digital Multifunctional Devices: Forensic Value and Corporate Exposure
Cyber Forensics and the Law: Legal Considerations
Cyber-Forensics and the Changing Face of Investigating Criminal Behavior
Electronically Stored Information and Cyber Forensics
Cyber Forensic Awareness: Management Survey
Appendices:
Computer Forensic Web Sites
Cyber Crime and Forensic Organizations
Cyber Forensic Training Resources List
Pertinent Legislation
Recommended Readings
Management Assessment: 20 Questions
Flowchart for the Seizure of a Personal Digital Assistant
Additional Information: Computer Hardware
Questions that Every Cyber Investigator Should Ask Before, During, and After an Investigation
Cyber Forensic Best Practice Recommendations
Stenography Tools
Forensic Resources - Literature and Selected Readings
Forensic Online Resources
Locating Forensic Data in Windows Registries
The Sedona Principles for Electronic Document Production
Recap of Federal Rules of Civil Procedure Involving E-Discovery Amendments
Selected Acronyms
Generic Cellular Telephone Search Warrants
Generic Computer Search Warrant
Generic Affidavit for Search Warrant
Configuring the Investigator's Forensic Analysis Machine
Generic Search Warrant
Statement of Underlying Facts and Circumstances
Generic State Court Order-Seizure of Electronic Hardware and Records
Consent to Search
Forensic Case Study: Files from the Field
Glossary of Terms