Features
- Cover Type: Hard Cover with 528 pages
- Published by: AUERBACH
- Edition: 2nd Edition December 19, 2007
- Written in: English
- ISBN 10 Number: 0849383285
- ISBN 13 Number: 978-0849383281
- Book Dimensions: 10.1 x 6.9 x 1.4 inches
- Weighs: 2.4 pounds
Book Description
Updating and expanding information on concealment techniques, new technologies, hardware, software, and relevant new legislation, this second edition details the scope of cyber forensics to reveal and track legal and illegal activity. Designed as an introduction and overview to the field, the authors guide you step-by-step through the basics of investigation and introduce the tools and procedures required to legally seize and forensically evaluate a suspect machine. The book covers rules of evidence, chain of custody, standard operating procedures, and the manipulation of technology to conceal illegal activities and how cyber forensics can uncover them. Extensive appendices include websites, organizations, pertinent legislation, best practice, hardware and software, and a recap of the federal rules of civil procedure.
Book Info
Provides a comprehensive, highly usable, and clearly organized resource to the issues, tools, and control techniques needed to successfully investigate illegal activities perpetuated through the use of information technology.
--This text refers to the Paperback edition.
Reader Reviews
This review is from: Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes (Paperback)
This book is an excellent follow-on book to Computer Forensics: Incident Response Essentials by Kruse and Heiser, which introduces the fundamentals. This book goes much deeper and is more technical than the Kruse and Heiser, therefore the ideal audience is practicing professionals who have prior experience in forensics and a wide range of hardware, software and network knowledge. Tools and techniques are presented in painstaking detail. I was unable to find a single gap or omission, which speaks highly of the editorial and review process behind this book's 464 pages. While most technical disciplines can dispense with finer details, the nature of forensics is to overlook nothing. If you find the step-by-step thoroughness boring, that is an indication that forensics may not be your forte; if you're an experienced professional you'll appreciate the coverage of every technique or use of tools. While the discussion of tools and techniques will satisfy even the most experienced practitioner, I found the detailed discussion of legal aspects, HR considerations and overall security and incident response processes to be the book's strongest points. This area is what sets forensics experts apart from technicians, and it is here that the book (in my opinion) adds the most value. Procedures ranging from how to properly gather, preserve and control evidence, to legal considerations for designing processes are covered in clear language, as are US and international legal guidelines. Parts that I especially like include: intrusion management and profiling, up-to-date information on electronic commerce legal issues, the numerous checklists and cited resources, and the clearly delineated process for dealing with incidents. If you're new to forensics you will probably get more from this book by first reading Computer Forensics: Incident Response Essentials by Kruse and Heiser.
If, however, you have previous computer forensics experience or are currently serving in that role this book is probably one of the best investments you can make.