Description:

Investigate computer crime, corporate malfeasance, and hacker break-ins quickly and effectively with help from this practical and comprehensive resource. You’ll get expert information on crucial procedures to successfully prosecute violators while avoiding the pitfalls of illicit searches, privacy violations, and illegally obtained evidence. It’s all here--from collecting actionable evidence, re-creating the criminal timeline, and zeroing in on a suspect to uncovering obscured and deleted code, unlocking encrypted files, and preparing lawful affidavits. Plus, you’ll get in-depth coverage of the latest PDA and cell phone investigation techniques and real-world case studies.

 

 

Table of Contents:

Part I: Preparing for an Incident

Chapter 1: The Forensics Process

Chapter 2: Computer Fundamentals

Chapter 3: Forensic Lab Environment Preparation

Part II: Collecting the Evidence

Chapter 4: Forensically Sound Evidence Collection

Chapter 5: Remote Investigations and Collections

Part III: Forensic Investigation Techniques

Chapter 6: Microsoft Windows Systems Analysis

Chapter 7: Linux Analysis

Chapter 8: Macintosh Analysis

Chapter 9: Defeating Anti-Forensic Techniques

Chapter 10: Enterprise Storage Analysis

Chapter 11: E-mail Analysis

Chapter 12: Tracking User Activity

Chapter 13: Cell Phone and PDA Analysis

Part IV: Presenting Your Findings

Chapter 14: Documenting the Investigation

Chapter 15: The Justice System

Part V: Appendixes

Appendix A: Forensic Forms and Checklists

Appendix B: Understanding Legal Concerns

Appendix C: The Digital Evidence Legal Process

Appendix D: Searching Techniques

Appendix E: The Investigator’s Toolkit

Glossary