Guide To Computer Forensics And Investigations
Guide%20to%20Computer%20Forensics%20and%20Investigations%20by%20B.%20Nelson%2C%20A.%20Phillips%2C%20C.%20Steuart
User Manual: Pdf
Open the PDF directly: View PDF
Page Count: 715 [warning: Documents this large are best viewed by clicking the View PDF Link!]
- Front Cover
- Title Page
- Copyright
- Brief Table of Contents
- TABLE OF CONTENTS
- PREFACE
- INTRODUCTION
- CHAPTER 1: Computer Forensics and Investigations as a Profession
- CHAPTER 2: Understanding Computer Investigations
- CHAPTER 3: The Investigator’s Office and Laboratory
- CHAPTER 4: Data Acquisition
- Understanding Storage Formats for Digital Evidence
- Determining the Best Acquisition Method
- Contingency Planning for Image Acquisitions
- Using Acquisition Tools
- Validating Data Acquisitions
- Performing RAID Data Acquisitions
- Using Remote Network Acquisition Tools
- Using Other Forensics Acquisition Tools
- Chapter Summary
- Key Terms
- Review Questions
- Hands-On Projects
- Case Projects
- CHAPTER 5: Processing Crime and Incident Scenes
- Identifying Digital Evidence
- Collecting Evidence in Private-Sector Incident Scenes
- Processing Law Enforcement Crime Scenes
- Preparing for a Search
- Securing a Computer Incident or Crime Scene
- Seizing Digital Evidence at the Scene
- Storing Digital Evidence
- Obtaining a Digital Hash
- Chapter Summary
- Key Terms
- Review Questions
- Hands-On Projects
- Case Projects
- CHAPTER 6: Working with Windows and DOS Systems
- Understanding File Systems
- Exploring Microsoft File Structures
- Examining NTFS Disks
- Understanding Whole Disk Encryption
- Understanding the Windows Registry
- Understanding Microsoft Startup Tasks
- Understanding MS-DOS Startup Tasks
- Understanding Virtual Machines
- Chapter Summary
- Key Terms
- Review Questions
- Hands-On Projects
- Case Projects
- CHAPTER 7: Current Computer Forensics Tools
- CHAPTER 8: Macintosh and Linux Boot Processes and File Systems
- CHAPTER 9: Computer Forensics Analysis and Validation
- CHAPTER 10: Recovering Graphics Files
- CHAPTER 11: Virtual Machines, Network Forensics, and Live Acquisitions
- CHAPTER 12: E-mail Investigations
- CHAPTER 13: Cell Phone and Mobile Device Forensics
- CHAPTER 14: Report Writing for High-Tech Investigations
- CHAPTER 15: Expert Testimony in High-Tech Investigations
- CHAPTER 16: Ethics for the Expert Witness
- APPENDIX A: Certification Test References
- APPENDIX B: Computer Forensics References
- APPENDIX C: Computer Forensics Lab Considerations
- APPENDIX D: DOS File System and Forensics Tools
- GLOSSARY
- INDEX