Record ID | ia:guidetocomputerf0000nels_d3t7 |
Source | Internet Archive |
Download MARC XML | https://archive.org/download/guidetocomputerf0000nels_d3t7/guidetocomputerf0000nels_d3t7_marc.xml |
Download MARC binary | https://www.archive.org/download/guidetocomputerf0000nels_d3t7/guidetocomputerf0000nels_d3t7_meta.mrc |
LEADER: 07472cam 2200457Ma 4500
001 on1105718212
003 OCoLC
005 20220214010843.0
008 090918s2010 nyua b 001 0 eng d
007 co ugu||||||||
040 $aU@J$beng$cU@J$dOCLCO$dOCLCF$dOCLCQ
015 $aGBA995553$2bnb
016 7 $a015381644$2Uk
020 $a9781435498839$q(pbk.)
020 $a1435498836$q(pbk.)
020 $a9788131519462
020 $a8131519465
035 $a(OCoLC)1105718212
050 14 $aHV8079.C65$bG85 2010
100 1 $aNelson, Bill.
245 10 $aGuide to computer forensics and investigations /$cBill Nelson, Amelia Phillips, Christopher Steuart.
246 30 $aComputer forensics and investigations
250 $a4th ed.
260 $aBoston, MA :$bCourse Technology Cengage Learning,$c©2010.
300 $axxv, 682 pages :$billustrations ;$c24 cm
336 $atext$btxt$2rdacontent
337 $aunmediated$bn$2rdamedia
338 $avolume$bnc$2rdacarrier
504 $aIncludes bibliographical references (pages 607-611) and index.
505 2 $aPreface -- Introduction -- 1. Computer forensics and investigations as a profession -- Understanding computer forensics -- Preparing for computer investigations -- Maintaining professional conduct -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 2. Understanding computing investigations -- Preparing a computer investigation -- Taking a systematic approach -- Procedures for corporate high-tech investigations -- Understanding data recovery workstations and software -- Conducting an investigation -- Completing the case -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 3. The investigator's office and laboratory -- Understanding forensics lab certification requirements -- Determining the physical requirements for a computer forensics lab -- Selecting a basic forensic workstation -- Building a business case for developing a forensics lab -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 4. Data acquisition -- Understanding storage formats for digital evidence -- Determining the best acquisition method -- Contingency planning for image acquisitions -- Using acquisition tools -- Validating data acquisitions -- Performing RAID data acquisitions -- Using remote network acquisition tools -- Using other forensics acquisition tools -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects
505 2 $a5. Processing crime and incident scenes -- Identifying digital evidence -- Collecting evidence in private-sector incident scenes -- Processing law enforcement crime scenes -- Preparing for a search -- Securing a computer incident or crime scene -- Seizing digital evidence at the scene -- Storing digital evidence -- Obtaining a digital hash -- Reviewing a case -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 6. Working with Windows and DOS systems -- Understanding file systems -- Exploring Microsoft file structures -- Examining NTFS disks -- Understanding whole disk encryption -- Understanding the Windows registry -- Understanding Microsoft startup tasks -- Understanding MS-DOS startup tasks -- Understanding virtual machines -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 7. Current computer forensics tools -- Evaluating computer forensics tool needs -- Computer forensics software tools -- Computer forensics hardware tools -- Validating and testing forensics software -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 8. Macintosh and Linux boot processes and file systems -- Understanding the Macintosh file structure and boot process -- Examining UNIX and Linux disk structures and boot processes -- Understanding other disk structures -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects
505 2 $a9. Computer forensics analysis and validation -- Determining what data to collect and analyze -- Validating forensic data -- Addressing data-hiding techniques -- Performing remote acquisitions -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 10. Recovering graphics files -- Recognizing a graphics file -- Understanding data compression -- Locating and recovering graphics files -- Identifying unknown file formats -- Understanding copyright issues with graphics -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 11. Virtual machines, network forensics, and live acquisitions -- Virtual machines overview -- Network forensics overview -- Performing live acquisitions -- Developing standard procedures for network forensics -- Using network tools -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 12. E-mail investigations -- Exploring the role of e-mail in investigations -- Exploring the roles of the client and server in e-mail -- Investigating e-mail crimes and violations -- Understanding e-mail servers -- Using specialized e-mail forensics tools -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 13. Cell phone and mobile device forensics -- Understanding mobile device forensics -- Understanding acquisition procedures for cell phones and mobile devices -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects
505 2 $a14. Report writing for high-tech investigations -- Understanding the importance of reports -- Guidelines for writing reports -- Generating report findings with forensics software tools -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 15. Expert testimony in high-tech investigations -- Preparing for testimony -- Testifying in court -- Preparing for a deposition or hearing -- Preparing forensics evidence for testimony -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- 16. Ethics for the expert witness -- Applying ethics and codes to expert witnesses -- Organizations with codes of ethics -- Ethical difficulties in expert testimony -- An ethics exercise -- Chapter summary -- Key terms -- Review questions -- Hands-on projects -- Case projects -- Appendix A. Certification test references -- NIST computer forensics tool testing -- Types of computer forensics certifications -- Appendix B. Computer forensics references -- Appendix C. Computer forensics lab considerations -- International lab certification -- Considering office ergonomics -- Considering environmental conditions -- Considering structural design factors -- Planning for communications -- Installing fire-suppression systems -- Appendix D. DOS file system and forensics tools -- Overview of FAT directory structures -- Sample DOS scripts -- Creating forensic boot media -- Using MS-DOS acquisition tools -- Quick references for DriveSpy -- Using X-Ways replica -- Glossary -- Index.
650 0 $aComputer security.
650 0 $aComputer crimes$xInvestigation.
650 7 $aComputer crimes$xInvestigation.$2fast$0(OCoLC)fst00872065
650 7 $aComputer security.$2fast$0(OCoLC)fst00872484
700 1 $aPhillips, Amelia.
700 1 $aSteuart, Christopher.
994 $aZ0$bP4A
948 $hNO HOLDINGS IN P4A - 1 OTHER HOLDINGS