The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics

The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics

John Sammons

Language: English

Pages: 219

ISBN: B011DALQDA

Format: PDF / Kindle (mobi) / ePub


The Basics of Digital Forensics provides a foundation for people new to the digital forensics field. This book teaches you how to conduct examinations by discussing what digital forensics is, the methodologies used, key technical concepts and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and Internet are discussed. Also learn how to collect evidence, document the scene, and how deleted data is recovered.
* Learn all about what Digital Forensics entails
* Build a toolkit and prepare an investigative plan
* Understand the common artifacts to look for during an exam

Vegas Pro 11 Editing Workshop

The Hacker's Guide to OS X: Exploiting OS X from the Root Up

Arquillian Testing Guide

Java: The Complete Reference (9th Edition)

WebUser [UK], Issue 384 (18 November - 1 December 2015)

Algorithms and Parallel Computing (Wiley Series on Parallel and Distributed Computing)

 

 

 

 

 

 

 

 

 

 

 

 

run could be relevant to an investigation. Drive wiping software, for example, could be of particular interest. The Windows Registry and the prefetching function are two sources of this potentially relevant information. REFERENCES 1. Bard, J. (n.d.). The Windows Registry. Retrieved May 2, 2011, from: http://technet.microsoft.com/en-us/library/cc751049.aspx. 2. Brodkin, J. (n.d.). Windows on Verge of Dropping Below 90% Market Share. Retrieved May 2, 2011, from:

searches. In the latest version of Firefox, running in private mode will no longer save visited pages, form and search bar entries, passwords, download list entries, cookies, and web cache files (Mozilla Foundation, 2011). See Figure 6.1. Figure 6.1 The “Start Private Browsing” menu option in Firefox 6.0. Also note the option to “Clear Recent History.” In this chapter we're going to take a look at several techniques used to hide or destroy digital evidence. As you'll see, some of these

behaviors that necessitated new statutes outlawing them. Some of these are simply old crimes with a new twist. In this instance, the technology just facilitated the crime in an up-to-date, more efficient way. Search authority is the very first step in the digital forensic process. The authority itself can take many forms, depending on which venue you're working in at the time. Whether it be a civil or criminal case, having valid search authority is a requirement. In fact, it's the first step in

is established when there is “a fair probability that contraband or evidence of a crime will be found in a particular place” (Illinois v. Gates, 1983). Another way to look at it is more likely than not the items or persons to be seized will be found at that specific location. Mathematically, this would equate to a probability of 51 percent. When applying for a warrant, it's helpful to determine the role of the computer in the crime. The computer can be considered contraband if it contains child

digital devices. If you have a moderate or advanced understanding of digital forensics, this book may not be for you. As part of Syngress's “Basics” series, I wrote this book more as a broad introduction to the subject rather than an all-encompassing tome. I've tried to use as much “plain English” as possible, making it (hopefully) an easier read. I'd like to emphasize that this is an introductory book that is deliberately limited in length. Given that, there is much that couldn't be covered in

Download sample

Download