Description:
Uncover a digital trail of e-evidence by using the helpful, easy-to-understand information in Computer Forensics For Dummies! Professional and armchair investigators alike can learn the basics of computer forensics, from digging out electronic evidence to solving the case. You won’t need a computer science degree to master e-discovery. Find and filter data in mobile devices, e-mail, and other Web-based technologies.
You’ll learn all about e-mail and Web-based forensics, mobile forensics, passwords and encryption, and other e-evidence found through VoIP, voicemail, legacy mainframes, and databases. You’ll discover how to use the latest forensic software, tools, and equipment to find the answers that you’re looking for in record time. When you understand how data is stored, encrypted, and recovered, you’ll be able to protect your personal privacy as well.
By the time you finish reading this book, you’ll know how to:
- Prepare for and conduct computer forensics investigations
- Find and filter data
- Protect personal privacy
- Transfer evidence without contaminating it
- Anticipate legal loopholes and opponents’ methods
- Handle passwords and encrypted data
- Work with the courts and win the case

Plus, Computer Forensics for Dummies includes lists of things that everyone interested in computer forensics should know, do, and build.
Other
- Authors: Linda Volonino, Reynaldo Anzaldua
- Edition: 1
- Publication date: 2008-11-24
- Printing allowed: 10 pages
- Copying allowed: 2 pages
- Format: ePub
- ISBN 13: 9780470457832
- Print ISBN: 9780470371916
- ISBN 10: 047045783X
Table of contents
- Introduction
- Who Should Read This Book?
- About This Book
- How to Use This Book
- What You Don’t Need to Read
- Foolish Assumptions
- How This Book Is Organized
- Part I: Digging Out and Documenting Electronic Evidence
- Part II: Preparing to Crack the Case
- Part III: Doing Computer Forensic Investigations
- Part IV: Succeeding in Court
- Part V: The Part of Tens
- Glossary
- About the Web Site and Blog
- Icons Used in This Book
- Where to Go from Here
- Part I: Digging Out and Documenting Electronic Evidence
- Chapter 1: Knowing What Your Digital Devices Create, Capture, and Pack Away — Until Revelation Day
- Living and Working in a Recorded World
- Deleting is a misnomer
- Getting backed up
- Delusions of privacy danced in their headsets
- Giving the Third Degree to Computers, Electronics, and the Internet
- Answering the Big Questions
- What is my computer doing behind my back?
- How does my data get out there?
- Why can data be discovered and recovered easily?
- Examining Investigative Methods
- Getting permission
- Choosing your forensic tools
- Knowing what to look for and where
- Gathering evidence properly
- Revealing Investigation Results
- Preparing bulletproof findings
- Making it through trial
- Chapter 2: Suiting Up for a Lawsuit or Criminal Investigation
- Deciphering the Legal Codes
- Learning about relevancy and admissibility
- Getting started with electronic discovery
- Deciding what’s in and what’s not
- Playing by the rules
- Managing E-Discovery
- Understanding that timing is everything
- Grasping ESI discovery problems
- Avoiding overbroad requests
- Shaping the request
- Stepping through the response
- Conducting the Investigation in Good Faith
- Deciding Who’s Paying the Bill
- Chapter 3: Getting Authorized to Search and Seize
- Getting Authority: Never Start Without It
- Acknowledging who’s the boss (not you!)
- Putting together your team
- Involving external sources
- No warrant, no problem (if it’s done legally)
- Criminal Cases: Papering Your Behind (CYA)
- Learning about the case and the target
- Drafting an affidavit for a search warrant
- Presenting an affidavit for judicial processing
- Civil Cases: Verifying Company Policy
- Searching with verbal permission (without a warrant)
- Obtaining a subpoena
- Obsessing over Documentation
- Keeping the chain complete
- Dealing with carbon memories
- Deciding who gets the evidence first
- Getting to the truth
- Directing the Scene
- Papering the trail
- Recording the scene: Video
- Recording the sounds: Audio
- Getting the lead out
- Managing Evidence Behind the Yellow Tape
- Arriving ready to roll: Bringing the right tools
- Minimizing your presence
- Stepping Through the Scene
- Securing the area
- Surveying the scene
- Transporting the e-evidence
- Chapter 5: Minding and Finding the Loopholes
- Deciding to Take On a Client
- Learning about the case and the theory
- Finding out the client’s priorities
- Timing your work
- Defining the scope of work
- Determining Whether You Can Help the Case
- Serving as a resource for the lawyer
- Taking an active role
- Answering big, blunt questions
- Signing on the dotted line
- Passing the Court’s Standard As a Reliable Witness
- Getting your credentials accepted
- Impressing opinions on the jury
- Going Forward with the Case
- Digging into the evidence
- Organizing and documenting your work
- Researching and digging for intelligence
- Keeping a Tight Forensic Defense
- Plugging loopholes
- Acquiring E-Evidence Properly
- Step 1: Determine the Type of Media You’re Working With
- Step 2: Find the Right Tool
- Finding all the space
- A write-protect device
- Sterile media
- Step 3: Transfer Data
- Transferring data in the field
- From computer to computer
- From storage device to computer
- Step 4: Authenticate the Preserved Data
- Step 5: Make a Duplicate of the Duplicate
- The Art of Scientific Inquiry
- Gearing Up for Challenges
- Getting a Handle on Search Terms
- Defining your search list
- Using forensic software to search
- Assuming risks
- Challenging Your Results: Plants and Frames and Being in the Wrong Place
- Knowing what can go wrong
- Looking beyond the file
- Finding No Evidence
- No evidence of who logged in
- No evidence of how it got there
- Reporting Your Analysis
- Recognizing Attempts to Blind the Investigator
- Encryption and compression
- Data hiding techniques
- Defeating Algorithms, Hashes, and Keys
- Finding Out-of-Sight Bytes
- Cracking Passwords
- Knowing when to crack and when not to crack
- Disarming passwords to get in
- Circumventing passwords to sneak in
- Decrypting the Encrypted
- Sloppiness cracks PGP
- Desperate measures
- Chapter 9: E-Mail and Web Forensics
- Opening Pandora’s Box of E-Mail
- Following the route of e-mail packets
- Becoming Exhibit A
- Tracking the biggest trend in civil litigation
- Scoping Out E-Mail Architecture
- E-mail structures
- E-mail addressing
- E-mail lingo
- E-mail in motion
- Seeing the E-Mail Forensics Perspective
- Dissecting the message
- Expanding headers
- Checking for e-mail extras
- Examining Client-Based E-Mail
- Extracting e-mail from clients
- Getting to know e-mail file extensions
- Copying the e-mail
- Printing the e-mail
- Investigating Web-Based Mail
- Searching Browser Files
- Temporary files
- Internet history
- Looking through Instant Messages
- Chapter 10: Data Forensics
- Delving into Data Storage
- The anatomy of a disk drive
- Microsoft operating systems
- Apple: HFS
- Linux/Unix
- Finding Digital Cavities Where Data Hides
- Deleted files
- Non-accessible space
- RAM
- Windows Registry
- Search filtering
- Extracting Data
- Rebuilding Extracted Data
- Chapter 11: Document Forensics
- Finding Evidential Material in Documents: Metadata
- Viewing metadata
- Extracting metadata
- Honing In on CAM (Create, Access, Modify) Facts
- Discovering Documents
- Luring documents out of local storage
- Finding links and external storage
- Rounding up backups
- Keeping Up with Data on the Move
- Shifting from desktop to handhelds
- Considering mobile devices forensically
- Recognizing the imperfect understanding of the technology
- Making a Device Seizure
- Mobile phones and SIM cards
- Personal digital assistants
- Digital cameras
- Digital audio recorders
- Cutting-Edge Cellular Extractions
- Equipping for mobile forensics
- Mobile forensic hardware
- Securing the mobile device
- Finding mobile data
- Examining a smart phone step-by-step
- Mobilizing Network Forensic Power
- Identifying Network Components
- Looking at the Open Systems Interconnection Model (OSI)
- Cooperating with secret agents and controlling servers
- Saving Network Data
- Categorizing the data
- Figuring out where to store all those bytes
- Re-Creating an Event from Traffic
- Analyzing time stamps
- Putting together a data sequence
- Spotting different data streams
- Looking at Network Forensic Tools
- Test Access Port (TAP)
- Mirrors
- Promiscuous NIC
- Wireless
- Discovering Network Forensic Vendors
- Taking a Closer Look at Answering Machines
- Examining Video Surveillance Systems
- Cracking Home Security Systems
- Tracking Automobiles
- Extracting Information from Radio Frequency Identification (RFID)
- Examining Copiers
- Taking a Look On the Horizon
- Chapter 15: Holding Up Your End at Pretrial
- Pretrial Motions
- Motion to suppress evidence
- Motion in limine
- Motion to dismiss
- Other motions
- Handling Pretrial Hearings
- Giving a Deposition
- Swearing to tell truthful opinions
- Surviving a deposition
- Bulletproofing your opinions
- Checking your statements
- Fighting stage fright
- Working Around Wrong Moves
- Responding to Opposing Experts
- Dealing with counterparts
- Formatting your response
- Responding to affidavits
- Hardening your testimony
- Making Good on Deliverables
- Understanding Barroom Brawls in the Courtroom
- Managing challenging issues
- Sitting on the stand
- Instructing jurors about expert testimony
- Presenting E-Evidence to Persuade
- Staging a disaster
- Exhibiting like an expert
- Communicating to the Court
- Giving testimony about the case
- Answering about yourself
- Getting paid without conflict
- The Front Ten: Certifications
- ACE: AccessData
- CCE: Certified Computer Examiner
- CFCE: Certified Forensic Computer Examiner
- CEECS: Certified Electronic Evidence Collection Specialist
- Cisco: Various certifications
- CISSP: Certified Information Systems Security Professional
- CompTia: Various certifications
- EnCE: Guidance Software
- Paraben training
- SANS and GCFA: GIAC Certified Forensics Analyst
- The Back Ten: Journals and Education
- Stick to Finding and Telling the Truth
- Don’t Fall for Counsel’s Tricks in Court
- Be Irrefutable
- Submit a Descriptive, Complete Bill
- Prepare a Clear, Complete Report
- Understand Nonverbal Cues
- Look ’Em Straight in the Eye
- Dress for Your Role As a Professional
- Stay Certified and Up-to-Date
- Know When to Say No
- Computer Forensic Software Tools
- EnCase
- Forensic ToolKit (FTK)
- Device Seizure
- Computer Forensic Hardware
- FRED
- WiebeTech Forensic Field Kit
- Logicube
- Computer Forensic Laboratories
- Computer forensic data server
- Forensic write blockers
- Media wiping equipment
- Recording equipment