»
Digital Forensics for Legal Professionals
 
 

Digital Forensics for Legal Professionals, 1st Edition

Understanding Digital Evidence From The Warrant To The Courtroom

 
Digital Forensics for Legal Professionals, 1st Edition,Larry Daniel,Lars Daniel,ISBN9781597496438
 
 
 

  &      

Syngress

9781597496438

9781597496445

368

235 X 191

A complete non-technical guide for legal professionals to understand digital forensics.

Print Book + eBook

USD 71.34
USD 118.90

Buy both together and save 40%

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 59.95

eBook
eBook Overview

EPUB format

PDF format

VST (VitalSource Bookshelf) format

USD 58.95
Add to Cart
 
 

Key Features

  • Includes a companion Web site with: courtroom illustrations, and examples of discovery motions
  • Provides examples of direct and cross examination questions for digital evidence
  • Contains a reference of definitions of digital forensic terms, relevant case law, and resources for the attorney

Description

Digital Forensics for Legal Professionals provides you with a guide to digital technology forensics in plain English. In the authors’ years of experience in working with attorneys as digital forensics experts, common questions arise again and again: “What do I ask for?” “Is the evidence relevant?” “What does this item in the forensic report mean?” “What should I ask the other expert?” “What should I ask you?” “Can you explain that to a jury?” This book answers many of those questions in clear language that is understandable by non-technical people. With many illustrations and diagrams that will be usable in court, they explain technical concepts such as unallocated space, forensic copies, timeline artifacts and metadata in simple terms that make these concepts accessible to both attorneys and juries.

The authors also explain how to determine what evidence to ask for, evidence might be that could be discoverable, and the methods for getting to it including relevant subpoena and motion language. Additionally, this book provides an overview of the current state of digital forensics, the right way to select a qualified expert, what to expect from a qualified expert and how to properly use experts before and during trial.

Readership

Attorneys, judges, paralegals, digital forensic professionals.

Larry Daniel

Larry Daniel is a digital forensics examiner and cellular records analyst with Guardian Digital Forensics. Larry has testified over 45 times in state and federal courts, and is one of the top digital forensic examiners in the US, with experience in hundreds of civil and criminal cases involving all types of digital evidence, from computers to black boxes to cell phones. Larry is a sought-after speaker for both technical and legal conferences, and is the co-author of the successful Syngress title Digital Forensics for Legal Professionals.

Affiliations and Expertise

Larry E. Daniel is one of the country’s top digital forensic experts with experience in hundreds of civil and criminal cases.

Lars Daniel

Lars Daniel is a digital forensics examiner and forensic artist with Guardian Digital Forensics. He has worked over a hundred civil and criminal cases, and has worked with world renowned forensic sculptor Frank Bender on numerous missing persons and cold cases.

Affiliations and Expertise

Digital forensics examiner and forensic artist, Guardian Digital Forensics, NC, USA

Digital Forensics for Legal Professionals, 1st Edition

  • Preface
    • Intended Audience
    • Organization of this Book
    • Acknowledgments
  • Dedication
  • About the Authors
  • About the Tech Editors
  • Section 1: What Is Digital Forensics?
    • Chapter 1. Digital Evidence Is Everywhere
      • Publisher Summary
      • Introduction
      • 1.1 What is digital forensics?
      • 1.2 What is digital evidence?
      • 1.3 How digital evidence is created and stored
      • Summary
    • Chapter 2. Overview of Digital Forensics
      • Publisher Summary
      • Introduction
      • 2.1 Digital forensics
      • 2.2 A little computer history
      • 2.3 A brief history of computer forensics
      • 2.4 Computer forensics becomes digital forensics
      • Summary
    • Chapter 3. Digital Forensics: The Subdisciplines
      • Publisher Summary
      • Introduction
      • 3.1 The subdisciplines
      • 3.2 Computer forensics
      • Summary
    • Chapter 4. The Foundations of Digital Forensics: Best Practices
      • Publisher Summary
      • Introduction
      • 4.1 Who establishes best practices?
      • 4.2 Who should be following best practices?
      • 4.3 Summary of best practices
      • 4.4 What really happens in many cases
      • Summary
    • Chapter 5. Overview of Digital Forensics Tools
      • Publisher Summary
      • Introduction
      • 5.1 What makes a tool forensically sound?
      • 5.2 Who performs tool testing?
      • 5.3 Computer forensics tools: An overview
      • 5.4 Classes of forensics tools
      • 5.5 Mobile device forensics tools
      • Summary
      • References
    • Chapter 6. Digital Forensics at Work in the Legal System
      • Publisher Summary
      • Introduction
      • 6.1 Mitigation
      • 6.2 Pre-trial motions
      • 6.3 Trial preparation
      • 6.4 Example trial questions
      • 6.5 Trial phase
      • Summary
  • Section 2: Experts
    • Chapter 7. Why Do I Need an Expert?
      • Publisher Summary
      • Introduction
      • 7.1 Why hire a digital forensics expert?
      • 7.2 When to hire a digital forensics expert
      • Summary
    • Chapter 8. The Difference between Computer Experts and Digital Forensics Experts
      • Publisher Summary
      • Introduction
      • 8.1 The computer expert
      • 8.2 The digital forensics expert
      • 8.3 A side-by-side comparison
      • 8.4 Investigation of digital evidence
      • Summary
    • Chapter 9. Selecting a Digital Forensics Expert
      • Publisher Summary
      • Introduction
      • 9.1 What is an expert?
      • 9.2 Locating and selecting an expert
      • 9.3 Certifications
      • 9.4 Training, education, and experience
      • 9.5 The right forensic tools
      • Summary
      • References
    • Chapter 10. What to Expect from an Expert
      • Publisher Summary
      • Introduction
      • 10.1 General expectations
      • 10.2 Where to begin?
      • 10.3 The examination
      • 10.4 Court preparation
      • 10.5 Expert advice
      • Summary
    • Chapter 11. Approaches by Different Types of Examiners
      • Publisher Summary
      • Introduction
      • 11.1 Standards
      • 11.2 Training and experience
      • 11.3 Impact on examinations
      • 11.4 Ethics
      • 11.5 The approach to an examination
      • Summary
      • References
    • Chapter 12. Spotting a Problem Expert
      • Publisher Summary
      • Introduction
      • 12.1 Beyond the window dressings
      • Summary
    • Chapter 13. Qualifying an Expert in Court
      • Publisher Summary
      • Introduction
      • 13.1 Qualifying an expert
      • 13.2 Qualifying experts in court
      • Summary
      • Reference
  • Section 3: Motions and Discovery
    • Chapter 14. Overview of Digital Evidence Discovery
      • Publisher Summary
      • Introduction
      • 14.1 Discovery motions in civil and criminal cases
      • Summary
    • Chapter 15. Discovery of Digital Evidence in Criminal Cases
      • Publisher Summary
      • Introduction
      • 15.1 Sources of digital evidence
      • 15.2 Building the motion
      • Summary
    • Chapter 16. Discovery of Digital Evidence in Civil Cases
      • Publisher Summary
      • Introduction
      • 16.1 Rules governing civil discovery
      • 16.2 Electronic discovery in particular
      • 16.3 Time is of the essence
      • 16.4 Getting to the particulars
      • 16.5 Getting the electronic evidence
      • Summary
      • References
    • Chapter 17. Discovery of Computers and Storage Media
      • Publisher Summary
      • Introduction
      • 17.1 An example of a simple consent to search agreement
      • 17.2 Example of a simple order for expedited discovery
      • 17.3 Example of an order for expedited discovery and temporary restraining order
      • Summary
    • Chapter 18. Discovery of Video Evidence
      • Publisher Summary
      • Introduction
      • 18.1 Common issues with video evidence
      • 18.2 Collecting video evidence
      • 18.3 Example discovery language for video evidence
      • Summary
    • Chapter 19. Discovery of Audio Evidence
      • Publisher Summary
      • Introduction
      • 19.1 Common issues with audio evidence
      • 19.2 Example discovery language for audio evidence
      • Summary
    • Chapter 20. Discovery of Social Media Evidence
      • Publisher Summary
      • Introduction
      • 20.1 Legal issues in social media discovery
      • 20.2 Finding custodian of records contact information
      • 20.3 Facebook example
      • 20.4 Google information
      • 20.5 Online e-mail accounts
      • Summary
      • References
    • Chapter 21. Discovery in Child Pornography Cases
      • Publisher Summary
      • Introduction
      • 21.1 The Adam Walsh Child Protection and Safety Act of 2006
      • 21.2 The discovery process
      • Summary
      • References
    • Chapter 22. Discovery of Internet Service Provider Records
      • Publisher Summary
      • Introduction
      • 22.1 Internet service provider records or IP addresses
      • 22.2 Example language for web-based e-mail addresses
      • 22.3 What to expect from an internet service provider (ISP) subpoena
      • Summary
    • Chapter 23. Discovery of Global Positioning System Evidence
      • Publisher Summary
      • Introduction
      • 23.1 GPS tracking evidence overview
      • 23.2 Discovery of GPS evidence
      • Summary
    • Chapter 24. Discovery of Call Detail Records
      • Publisher Summary
      • Introduction
      • 24.1 Discovery issues in cellular evidence
      • 24.2 Example language for call detail records
      • Summary
    • Chapter 25. Obtaining Expert Funding in Indigent Cases
      • Publisher Summary
      • Introduction
      • 25.1 Justifying extraordinary expenses
      • 25.2 Example language for an ex parte motion for expert funds
      • Summary
  • Section 4: Common Types of Digital Evidence
    • Chapter 26. Hash Values: The Verification Standard
      • Publisher Summary
      • Introduction
      • 26.1 Hash values
      • 26.2 How hash values are used in digital forensics
      • Summary
    • Chapter 27. Metadata
      • Publisher Summary
      • Introduction
      • 27.1 The purpose of metadata
      • 27.2 Common types of metadata
      • Summary
    • Chapter 28. Thumbnails and the Thumbnail Cache
      • Publisher Summary
      • Introduction
      • 28.1 Thumbnails and the thumbnail cache
      • 28.2 How thumbnails and the thumbnail cache work
      • 28.3 Thumbnails and the thumbnail cache as evidence
      • Summary
      • Reference
    • Chapter 29. Deleted Data
      • Publisher Summary
      • Introduction
      • 29.1 How data is stored on a hard drive
      • 29.2 Deleted file recovery
      • 29.3 Evidence of data destruction
      • Summary
    • Chapter 30. Computer Time Artifacts (MAC Times)
      • Publisher Summary
      • Introduction
      • 30.1 Computer file system time stamps
      • 30.2 Fundamental Issues in forensic analysis of timeline
      • 30.3 Created, modified, accessed
      • 30.4 The bottom line
      • Summary
    • Chapter 31. Internet History (Web and Browser Caching)
      • Publisher Summary
      • Introduction
      • 31.1 What is web caching?
      • 31.2 How Internet browser (web) caching works
      • 31.3 Internet (web) caching as evidence
      • 31.4 What if the Internet cache is cleared by the user?
      • Summary
    • Chapter 32. Windows Shortcut Files (Link Files)
      • Publisher Summary
      • Introduction
      • 32.1 The purpose of link files, how they are created, and how they work
      • 32.2 How link files can be of evidentiary value
      • 32.3 Link files as evidence
      • Summary
    • Chapter 33. Cellular System Evidence and Call Detail Records
      • Publisher Summary
      • Introduction
      • 33.1 An overview of the cellular phone system
      • 33.2 How cell phones work
      • 33.3 Call detail records
      • 33.4 Call detail records as evidence of cell phone location
      • 33.5 Enhanced 911 wireless location services
      • 33.6 The E911 system overview
      • 33.7 Emergency situations: Real-time cell phone tracking
      • Summary
      • Reference
    • Chapter 34. E-mail Evidence
      • Publisher Summary
      • Introduction
      • 34.1 E-mail as evidence
      • 34.2 E-mail storage and access: Where is it?
      • 34.3 Web mail
      • Summary
      • Reference
    • Chapter 35. Social Media
      • Publisher Summary
      • Introduction
      • 35.1 Common forms of social networking (social media)
      • 35.2 Evidence out in the open
      • 35.3 Convenience versus security
      • 35.4 The allure of anonymity
      • 35.5 Social media as evidence
      • 35.6 Getting information from online services
      • Summary
      • References
    • Chapter 36. Peer-to-Peer Networks and File Sharing
      • Publisher Summary
      • Introduction
      • 36.1 What is peer-to-peer file sharing?
      • 36.2 How it works
      • 36.3 Privacy and security issues with peer-to-peer file sharing
      • 36.4 Peer-to-peer network evidence
      • Summary
      • Reference
    • Chapter 37. Cell Phones
      • Publisher Summary
      • Introduction
      • 37.1 The fragile nature of cellular evidence
      • 37.2 Forensic acquisition methods for cellular phones
      • 37.3 Subscriber identity module (SIM) cards
      • 37.4 Cell phone backup files
      • 37.5 Advanced cell phone data analytics
      • 37.6 The future of cell phone forensics
      • Summary
      • References
    • Chapter 38. Video and Photo Evidence
      • Publisher Summary
      • Introduction
      • 38.1 The most critical steps in the forensic examination of video and photo evidence
      • 38.2 Using video and photo evidence in cases
      • Summary
      • References
    • Chapter 39. Databases
      • Publisher Summary
      • Introduction
      • 39.1 Databases in everyday life
      • 39.2 What is a database?
      • 39.3 Database files as evidence
      • 39.4 Database recovery
      • 39.5 Data as evidence
      • Summary
    • Chapter 40. Accounting Systems and Financial Software
      • Publisher Summary
      • Introduction
      • 40.1 Accounting and money management programs
      • 40.2 Personal money management software
      • 40.3 Business accounting software
      • 40.4 Getting the evidence
      • 40.5 Types of evidence from financial software
      • 40.6 Batch files as evidence
      • 40.7 Other sources of financial evidence
      • Summary
    • Chapter 41. Multiplayer Online Games
      • Publisher Summary
      • Introduction
      • 41.1 The culture of Massively Multiplayer Online Role Playing Games (MMORPGs)
      • 41.2 MMORPG data as evidence
      • Summary
      • References
    • Chapter 42. Global Positioning Systems
      • Publisher Summary
      • Introduction
      • 42.1 An overview of global positioning systems
      • 42.2 An overview of the NAVSTAR Global Positioning System
      • 42.3 How GPS works
      • 42.4 Types of GPS evidence
      • 42.5 Collection of evidence from GPS devices
      • 42.6 Interpretation of GPS evidence
      • Summary
      • References
  • Index

Quotes and reviews

"There is so much valuable information contained within this book that I found it was difficult to put down once I started it…Digital evidence is here to stay and the management of that evidence has been made easier to understand with Digital Forensics for Legal Professionals."--Law Technology News, May 4, 2012

"No competent lawyer is foolish enough not to appreciate the pervasiveness of digital evidence, or that digital forensics requires mastery far beyond his ken.  Larry Daniels’ book provides the most comprehensive, nuts and bolts resource for trial lawyers on digital forensics.  This isn’t the sort of book to skim and stick on the shelf, but to keep on our desk because we’ll need it that often. This is part of the trial lawyer’s bible."--Scott H. Greenfield, Criminal Defense Attorney, New York City

"This isn't your stock standard book focusing on how to do digital forensics, it's an innovative text focusing on preparing technical and legal professionals for dealing with litigation. This is a must-have addition to anyone's digital forensic/legal library."--Jonathan T. Rajewski, Professor of Digital Forensics, Champlain College

"There is so much valuable information contained within this book that I found it was difficult to put down once I started it. Its readability is excellent and I could directly and immediately apply the book's lessons to my day-to-day work within technology, project management, and electronic discovery. As I was finishing the final two chapters, an attorney came to me with a case project that included a digital evidence acquisition with multiple cell phones and, lo-and-behold, I was equipped to speak to the process of the data acquisition and intelligently begin the project due to this book. Digital evidence is here to stay and the management of that evidence has been made easier to understand with Digital Forensics for Legal Professionals."--Law Technology News

 
 
Free Shipping
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy
FAQ

Contact Us