Computer Evidence: Collection and Preservation teaches law enforcement and computer forensics investigators how to identify, collect, and maintain digital artifacts to preserve their reliability for admission as evidence. The book focuses on collection and preservation because these two phases of computer forensics are the most critical to evidence acceptance, but are not thoroughly covered in text or courses. Throughout the book, a constant eye is kept on evidence dynamics and the impact investigators can have on data integrity while collecting evidence. The simple act of a computer forensics investigator shutting down a suspect's computer changes the state of the computer as well as many of its files, so a good understanding of evidence dynamics is essential when doing computer forensics work. Broken up into five parts, Computer Forensics & Evidence Dynamics, Information Systems, Data Storage Systems & Media, Artifact Collection, and Archiving & Maintaining Evidence, the book places specific focus on how investigators and their tools are interacting with digital evidence. By reading and using this task-oriented guide, computer forensics investigators will be able to ensure case integrity during the most crucial phases of the computer forensics process.
"synopsis" may belong to another edition of this title.
Christopher L. T. Brown, CISSP, is the founder and CTO of Technology Pathways. He is the chief architect of the Technology Pathways ProDiscover family of security products. Prior to his position with Technology Pathways, Mr. Brown served in key technology positions at several companies including GlobalApp, Inc., CompuVision, Inc., and StoragePoint, Inc. He is retired from a career with the U.S. Navy, where he managed a large team of technicians working in the area of information warfare and network security operations. In addition to his demanding duties as ProDiscover's chief architect, Mr. Brown teaches network security and computer forensics at the University of California at San Diego and has written numerous books on Windows, Security, the Internet, and forensics. He served as president of the San Diego HTCIA chapter in 2006, first vice president in 2005, second vice president in 2003, and was the 2007 HTCIA International conference chair. He attended UCSD and holds numerous career certifications from (ISC)2, Microsoft, Cisco, CompTIA, and CITRIX.
Acknowledgments Introduction PART I COMPUTER FORENSICS AND EVIDENCE DYNAMICS Chapter 1 Computer Forensics Essentials Chapter 2 Rules of Evidence, Case Law, and Regulation Chapter 3 Evidence Dynamics PART II INFORMATION SYSTEMS Chapter 4 Interview, Policy, and Audit Chapter 5 Network Topology and Architecture Chapter 6 Volatile Data PART III DATA STORAGE SYSTEMS AND MEDIA Chapter 7 Physical Disk Technologies Chapter 8 SAN, NAS, and RAID Chapter 9 Removable Media PART IV ARTIFACT COLLECTION Chapter 10 Tools, Preparation, and Documentation Chapter 11 Collecting Volatile Data Chapter 12 Imaging Methodologies Chapter 13 Large System Collection PART V ARCHIVING AND MAINTAINING EVIDENCE Chapter 14 The Forensics Workstation Chapter 15 The Forensics Lab Chapter 16 What's Next Appendix A Sample Chain of Custody Form Appendix B Evidence Collection Worksheet Appendix C Evidence Access Worksheet Appendix D Forensics Field Kit Appendix E Hexadecimal Flags for Partition Types Appendix F Forensics Tools for Digital Evidence Collection Appendix G Agencies, Contacts, and Resources Appendix H Investigator's Cisco Router Command Cheat Sheet Appendix I About the CD-ROM Index
"About this title" may belong to another edition of this title.
Shipping:
FREE
Within U.S.A.
Seller: Better World Books, Mishawaka, IN, U.S.A.
Condition: Good. Used book that is in clean, average condition without any missing pages. Seller Inventory # 6457851-75
Quantity: 1 available
Seller: Once Upon A Time Books, Siloam Springs, AR, U.S.A.
paperback. Condition: Good. This is a used book in good condition and may show some signs of use or wear . This is a used book in good condition and may show some signs of use or wear . Seller Inventory # mon0001096092
Quantity: 1 available
Seller: Wonder Book, Frederick, MD, U.S.A.
Condition: Very Good. Very Good condition. A copy that may have a few cosmetic defects. May also contain light spine creasing or a few markings such as an owner's name, short gifter's inscription or light stamp. Bundled media such as CDs, DVDs, floppy disks or access codes may not be included. Seller Inventory # Y05I-00614
Quantity: 1 available
Seller: HPB-Red, Dallas, TX, U.S.A.
Paperback. Condition: Good. Connecting readers with great books since 1972! Used textbooks may not include companion materials such as access codes, etc. May have some wear or writing/highlighting. We ship orders daily and Customer Service is our top priority! Seller Inventory # S_314164592
Quantity: 1 available
Seller: Better World Books Ltd, Dunfermline, United Kingdom
Condition: Very Good. Ships from the UK. Former library book; may include library markings. Used book that is in excellent condition. May show signs of wear or have minor defects. Seller Inventory # 40717476-20
Quantity: 1 available
Seller: Anybook.com, Lincoln, United Kingdom
Condition: Good. This is an ex-library book and may have the usual library/used-book markings inside.This book has soft covers. In good all round condition. Please note the Image in this listing is a stock photo and may not match the covers of the actual item,950grams, ISBN:9781584504054. Seller Inventory # 9214566
Quantity: 1 available
Seller: The Book Spot, Sioux Falls, MN, U.S.A.
Paperback. Condition: New. Seller Inventory # Abebooks365735
Quantity: 1 available
Seller: BennettBooksLtd, North Las Vegas, NV, U.S.A.
Paperback. Condition: New. In shrink wrap. Looks like an interesting title! Seller Inventory # Q-1584504056
Quantity: 1 available