14 December 2007
Author: iNDEx
An arcane pursuit a decade ago, forensic science today is a household term. And while the computer forensic analyst may not lead as exciting a life as TV's CSIs do, he or she relies just as heavily on scientific principles and just as surely solves crime.
Whether you are contemplating a career in this growing field or are already an analyst in a Unix/Linux environment, this book prepares you to combat computer crime in the Windows world. Here are the tools to help you recover sabotaged files, track down the source of threatening e-mails, investigate industrial espionage, and expose computer criminals.
Computer forensics applies the same scientific principles as other forensics fields to the identification, acquisition, and analysis of digital evidence. With the advent of the Internet, network and system forensics are becoming increasingly interrelated. The digital evidence sought by an analyst might reside on any number of devices, including personal digital assistants (PDAs), USB pen drives, digital cameras, and cell phones. Additionally, all modern operating systems are network capable, and it is rare to find standalone PCs with no external connections, so further evidence may reside on routers, servers, firewalls, and proxies. The field of computer forensics encompasses both system forensics and network forensics, and an understanding of both is required to conduct a thorough investigation.
TABLE OF CONTENTS:
Chapter 01 - Windows Forensics
Chapter 02 - Processing the Digital Crime Scene
Chapter 03 - Windows Forensics Basics
Chapter 04 - Partitions and File Systems
Chapter 05 - Directory Structure and Special Files
Chapter 06 - The Registry
Chapter 07 - Forensic Analysis
Chapter 08 - Live System Analysis
Chapter 09 - Forensic Duplication
Chapter 10 - File System Analysis
Chapter 11 - Log File Analysis
Chapter 12 - Internet Usage Analysis
Chapter 13 - Email Investigations
Appendix A - Sample Chain of Custody Form
Appendix B - Master Boot Record Layout
Appendix C - Partition Types
Appendix D - FAT32 Boot Sector Layout
Appendix E - NTFS Boot Sector Layout
Appendix F - NTFS Metafiles
Appendix G - Well-Known SIDs