Sale!

Computer Evidence Collection and Preservation 2nd Edition by Christopher LT Brown ISBN 1584506997 978-1584506997

Original price was: $50.00.Current price is: $35.00.

Computer Evidence Collection and Preservation 1st Edition Christopher Lt(Christopher L.T. Brown) Brown Digital Instant Download

Author(s): Christopher LT(Christopher L.T. Brown) Brown
ISBN(s): 9781584506362, 1584506369
Edition: 1
File Details: PDF, 5.10 MB
Year: 2005
Language: english
SKU: EB-1102138 Category: Tag:

Computer Evidence Collection and Preservation 2nd Edition by Christopher LT Brown – Ebook PDF Instant Download/Delivery:1584506997 ,978-1584506997
Full download Computer Evidence Collection and Preservation 2nd Edition after payment

Computer Evidence: Collection and Preservation

Product details: 

ISBN 10:1584506997

ISBN 13:978-1584506997

Author:Christopher LT Brown

As computers and data systems continue to evolve, they expand into every facet of our personal and business lives. Never before has our society been so information and technology driven. Because computers, data communications, and data storage devices have become ubiquitous, few crimes or civil disputes do not involve them in some way. This book teaches law enforcement, system administrators, information technology security professionals, legal professionals, and students of computer forensics how to identify, collect, and maintain digital artifacts to preserve their reliability for admission as evidence. It has been updated to take into account changes in federal rules of evidence and case law that directly address digital evidence, as well as to expand upon portable device collection.

Table of contents: 

Part I: Computer Forensics and Evidence Dynamics

  1. Computer Forensics Essentials

  • What Is Computer Forensics?

  • Crime Scene Investigation

  • Phases of Computer Forensics

  • Formalized Computer Forensics from the Start

  • Who Performs Computer Forensics?

  • Seizing Computer Evidence

  • Challenges to Computer Evidence

  • Summary

  • References

  • Resources

  1. Rules of Evidence, Case Law, and Regulation

  • Understanding Rules of Evidence

  • 2007 Amendments to the FRCP

  • Expert Witness (Scientific) Acceptance

  • Testifying Tips: You Are the Expert

  • Computer-Related Case Law

  • Regulation

  • Summary

  • References

  • Resources

  1. Evidence Dynamics

  • Forces of Evidence Dynamics

  • Human Forces

  • Natural Forces

  • Equipment Forces

  • Proper Tools and Procedures

  • References

  • Resources

Part II: Information Systems
4. Interview, Policy, and Audit

  • Subject Interviews

  • Policy Review

  • Audit

  • Recommendations

  • Scope

  • Host-Specific Findings

  • Conclusion

  • References

  • Resources

  1. Network Topology and Architecture

  • Networking Concepts

  • Types of Networks

  • Physical Network Topology

  • Network Cabling

  • Wireless Networks

  • Open Systems Interconnection (OSI) Model

  • TCP/IP Addressing

  • Diagramming Networks

  • Summary

  • Resources

  1. Volatile Data

  • Types and Nature of Volatile Data

  • Operating Systems

  • Volatile Data in Routers and Appliances

  • Traditional Incident Response of Live Systems

  • Understanding Windows Rootkits in Memory

  • Accessing Volatile Data

  • References

Part III: Data Storage Systems and Media
7. Physical Disk Technologies

  • Physical Disk Characteristics

  • Physical Disk Interfaces and Access Methods

  • Logical Disk Addressing and Access

  • Disk Features

  • References

  • Resources

  1. SAN, NAS, and RAID

  • Disk Storage Expanded

  • Redundant Array of Independent Disks

  • Storage Area Networks

  • Network-Attached Storage

  • Storage Service Providers

  • Summary

  • Resources

  1. Removable Media

  • Removable, Portable Storage Devices

  • Tape Systems

  • Optical Discs

  • Removable Disks–Floppy and Rigid

  • Flash Media

  • Summary

  • Resources

Part IV: Artifact Collection
10. Tools, Preparation, and Documentation

  • Boilerplates

  • Hardware Tools

  • Software Tools

  • Tool Testing

  • Documentation

  • Summary

  • References

  • Resources

  1. Collecting Volatile Data

  • Benefits of Volatile-Data Collection

  • A Blending of Incident Response and Forensics

  • Building a Live Collection Disk

  • Live Boot CD-ROMs

  • Summary

  • References

  • Resources

  1. Imaging Methodologies

  • Approaches to Collection

  • Bit-Stream Images

  • Local Dead System Collection

  • Verification, Testing, and Hashing

  • Live and Remote Collection

  • Summary

  • References

  • Resources

  1. Large System Collection

  • Large System Imaging Methodologies

  • Tying Together Dispersed Systems

  • Risk-Sensitive Evidence Collection

  • Summary

  • References

  1. Personal Portable Device Collection

  • Device Architectures

  • Special Collection Considerations

  • Mobile Phones

  • Special-Purpose Personal Devices

  • References

  • Resources

Part V: Archiving and Maintaining Evidence
15. The Forensics Workstation

  • The Basics

  • Lab Workstations

  • Portable Field Workstations

  • Configuration Management

  • Summary

  • References

  • Resources

  1. The Forensics Lab

  • Lab and Network Design

  • Logical Design, Topology, and Operations

  • Storage

  • Lab Certifications

  • Summary

  • References

  1. What’s Next

  • Areas of Interest

  • Training, Knowledge, and Experience

  • Analysis and Reporting

  • Methodologies

  • Professional Advancement

  • Summary

  • References

  • Resources

Part VI: Computer Evidence Collection and Preservation Appendixes

People also search for:

5 steps in a process to collect digital evidence

collection preservation and storage of digital evidence

guide to computer forensics and investigations processing digital evidence

biological evidence collection and preservation

what is evidence collection forensics

Tags: Christopher LT Brown, Computer, Evidence, Collection