Book description
PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES!
Computer crimes call for forensics specialists, people who know how to find and follow the evidence. System Forensics, Investigation, and Response begins by examining the fundamentals of system forensics, such as what forensics is, the role of computer forensics specialists, computer forensic evidence, and application of forensic analysis skills. It also gives an overview of computer crimes, forensic methods, and laboratories. It then addresses the tools, techniques, and methods used to perform computer forensics and investigation. Finally, it explores emerging technologies as well as future directions of this interesting and cutting-edge field.
Table of contents
- Copyright
- Preface
- Acknowledgments
- About the Authors
- ONE. The System Forensics Landscape
- 1. System Forensics Fundamentals
- 2. Overview of Computer Crime
- 3. Challenges of System Forensics
- 4. Forensics Methods and Labs
- Forensic Soundness
- Forensic Frameworks and Processes
- Building a Business Case for Creating a Forensics Lab
- Setting Up a Forensics Lab
- Policies, Processes, and Procedures for Maintaining a Lab
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 4 ASSESSMENT
- TWO. Technical Overview: System Forensics Tools, Techniques, and Methods
- 5. System Forensics Technologies
- How the Military Uses System Forensics
- Which Technologies Law Enforcement Agencies Use
- Evidence Preservation
- Trojan Horse Programs
- Documentation of Methodologies and Findings
- Disk Structure
- File Slack Searching
- Data-Hiding Techniques
- Fuzzy Logic Tools for Identifying Unknown Text
- Data Encryption
- Disk-to-Computer Matching
- Data Compression
- Recovery of Erased Files
- Internet Abuse Identification and Detection
- The Boot Process and Memory-Resident Programs
- Flash Memory Media Processing
- How Businesses Use System Forensics Technologies
- Commonly Used System Forensics Tools
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 5 ASSESSMENT
- 6. Controlling a Forensic Investigation
- 7. Collecting, Seizing, and Protecting Evidence
- Collecting Forensic Evidence
- The Steps in Seizing Forensic Evidence
- Shutting Down the Computer
- Documenting the Hardware Configuration of the System
- Transporting the Computer System to a Secure Location
- Mathematically Authenticating Data on All Storage Devices
- Making a List of Key Search Words
- Searching Files, File Slack, and Unallocated Space for Keywords
- Documenting Filenames, Dates, and Times
- Identifying File, Program, and Storage Anomalies
- Evaluating Program Functionality
- Documenting Findings
- Retaining Copies of Software Used
- Protecting Evidence: Controlling Contamination
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 7 ASSESSMENT
- 8. Understanding Information-Hiding Techniques
- History of Data Hiding
- Alternate Data Streams (ADS)
- Rootkits
- Steganography Concepts and Tools
- Defeating Steganography
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 8 ASSESSMENT
- 9. Recovering Data
- 10. Investigating and Scrutinizing E-mail
- 11. Performing Network Analysis
- 12. Searching Memory in Real Time with Live System Forensics
- THREE. Incident Response, Future Directions, and Resources
- 13. Incident and Intrusion Response
- 14. Trends and Future Directions
- 15. System Forensics Resources
- A. Answer Key
- B. Standard Acronyms
- Glossary of Key Terms
- References
Product information
- Title: System Forensics, Investigation, and Response
- Author(s):
- Release date: September 2010
- Publisher(s): Jones & Bartlett Learning
- ISBN: 9780763791353