»
The Basics of Digital Forensics
 
 

The Basics of Digital Forensics, 2nd Edition

The Primer for Getting Started in Digital Forensics

 
The Basics of Digital Forensics, 2nd Edition,John Sammons,ISBN9780128016350
 
 
Up to
30%
off
 

  

Syngress

9780128016350

9780128045428

200

235 X 191

The only resource you need to get a jump-start into digital forensics investigations

Print Book + eBook

USD 50.94
USD 84.90

Buy both together and save 40%

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 24.47
USD 34.95

eBook
eBook Overview

DRM-free included formats : PDF

USD 37.46
USD 49.95
Add to Cart
 
 

Key Features

  • Learn what Digital Forensics entails
  • Build a toolkit and prepare an investigative plan
  • Understand the common artifacts to look for in an exam
  • Second Edition features all-new coverage of hard drives, triage, network intrusion response, and electronic discovery; as well as updated case studies, expert interviews, and expanded resources and references

Description

The Basics of Digital Forensics provides a foundation for people new to the digital forensics field. This book teaches you how to conduct examinations by discussing what digital forensics is, the methodologies used, key tactical concepts, and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud and the Internet are discussed. Also, learn how to collect evidence, document the scene, and how deleted data can be recovered.

The new Second Edition of this book provides you with completely up-to-date real-world examples and all the key technologies used in digital forensics, as well as new coverage of network intrusion response, how hard drives are organized, and electronic discovery. You'll also learn how to incorporate quality assurance into an investigation, how to prioritize evidence items to examine (triage), case processing, and what goes into making an expert witness.

The Second Edition also features expanded resources and references, including online resources that keep you current, sample legal documents, and suggested further reading.

Readership

Digital forensics professionals and enthusiasts; information security professionals; legal professionals; law enforcement officers; students in digital forensics degree programs

John Sammons

John Sammons is an Associate Professor and Director of the undergraduate program in Digital Forensics and Information Assurance at Marshall University in Huntington, West Virginia. John teaches digital forensics, electronic discovery, information security and technology in the School of Forensic and Criminal Justices Sciences. He's also adjunct faculty with the Marshall University graduate forensic science program where he teaches the advanced digital forensics course. John, a former police officer, is also an Investigator with the Cabell County Prosecuting Attorney’s Office and a member of the West Virginia Internet Crimes Against Children Task Force. He is a Member of the American Academy of Forensic Sciences, the High Technology Crime Investigation Association, and Infragard. John is the founder and President of the Appalachian Institute of Digital Evidence. AIDE is a non-profit organization that provides research and training for digital evidence professionals including attorneys, judges, law enforcement and information security practitioners in the private sector. He is the author of best-selling book, The Basics of Digital Forensics published by Syngress.

Affiliations and Expertise

Associate Professor and Director of the Digital Forensics and Information Assurance program, Marshall University, Huntington, WV, USA

View additional works by John Sammons

The Basics of Digital Forensics, 2nd Edition

  • Dedication
  • Preface
  • Acknowledgments
  • Chapter 1: Introduction
    • Abstract
    • Introduction
    • What is forensic science?
    • What is digital forensics?
    • Uses of digital forensics
    • The digital forensics process
    • Locard’s exchange principle
    • Scientific method
    • Organizations of note
    • Role of the forensic examiner in the judicial system
    • Summary
  • Chapter 2: Key technical concepts
    • Abstract
    • Introduction
    • Bits, bytes, and numbering schemes
    • File extensions and file signatures
    • Storage and memory
    • Computing environments
    • Data types
    • File systems
    • Allocated and unallocated space
    • How magnetic hard drives store data
    • Summary
  • Chapter 3: Labs and tools
    • Abstract
    • Introduction
    • Forensic laboratories
    • Policies and procedures
    • Quality assurance
    • Digital forensic tools
    • Additional resources
    • Alert!
    • Accreditation
    • Summary
  • Chapter 4: Collecting evidence
    • Abstract
    • Introduction
    • Crime scenes and collecting evidence
    • Alert!
    • Alert!
    • Documenting the scene
    • Chain of custody
    • Cloning
    • Alert!
    • Live system versus dead system
    • More advanced
    • Alert!
    • Hashing
    • Final report
    • Summary
  • Chapter 5: Windows system artifacts
    • Abstract
    • Introduction
    • Deleted data
    • More advanced
    • Hibernation file (hiberfile.sys)
    • Registry
    • Print spooling
    • Recycle bin
    • Alert!
    • More advanced
    • Metadata
    • Alert!
    • Thumbnail cache
    • Most recently used
    • Restore points and shadow copy
    • Prefetch
    • Link files
    • Summary
  • Chapter 6: Anti-forensics
    • Abstract
    • Introduction
    • Hiding data
    • Password attacks
    • Additional resources
    • Steganography
    • Data destruction
    • More advanced
    • Summary
  • Chapter 7: Legal
    • Abstract
    • Introduction
    • The fourth amendment
    • Criminal law—searches without a warrant
    • More advanced
    • Alert!
    • Searching with a warrant
    • Electronic discovery
    • Alert!
    • Expert testimony
    • Additional resources
    • Summary
  • Chapter 8: Internet and e-mail
    • Abstract
    • Introduction
    • Internet overview
    • Additional resources
    • More advanced
    • Web browsers—Internet Explorer
    • More advanced
    • E-mail
    • Alert!
    • Social networking sites
    • Additional resources
    • Summary
  • Chapter 9: Network forensics
    • Abstract
    • Introduction
    • Network fundamentals
    • Network security tools
    • Network attacks
    • Alert!
    • Incident response
    • Network evidence and investigations
    • Additional resources
    • Summary
  • Chapter 10: Mobile device forensics
    • Abstract
    • Introduction
    • Cellular networks
    • Operating systems
    • Cell phone evidence
    • Cell phone forensic tools
    • Global positioning systems
    • Summary
  • Chapter 11: Looking ahead: challenges and concerns
    • Abstract
    • Introduction
    • Standards and controls
    • Cloud forensics
    • Additional resources
    • Alert!
    • Solid state drives
    • More advanced
    • Speed of change
    • Additional resources
    • Summary
  • Index

Quotes and reviews

"... this book is well named. It is an entry-level primer to digital forensics, and could be used as an introductory book in a beginning computer forensics course." --Journal of Digital Forensics, Security and Law, Vol 9, No 1

 
 
Free Shipping
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy
FAQ

Contact Us