Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition

By Albert Marcella, Jr., Doug Menendez
    Copyright 2010
    526 Pages, 124 B/W Illustrations
    by Auerbach Publications

    Designed as an introduction and overview to the field, Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition integrates theory and practice to present the policies, procedures, methodologies, and legal ramifications and implications of a cyber forensic investigation. The authors guide you step-by-step through the basics of investigation and introduce the tools and procedures required to legally seize and forensically evaluate a suspect machine.

    Updating and expanding information on concealment techniques, new technologies, hardware, software, and relevant new legislation, this second edition delineates the scope and goals of cyber forensics to reveal and track legal and illegal activity. Beginning with an introduction and definition of cyber forensics, chapters explain the rules of evidence and chain of custody in maintaining legally valid electronic evidence. They describe how to begin an investigation and employ investigative methodology, as well as establish standard operating procedures for the field and cyber forensic laboratory. The authors provide an in-depth examination of the manipulation of technology to conceal illegal activities and the use of cyber forensics to uncover them. They discuss topics and issues such as conducting a cyber forensic investigation within both the local and federal legal framework, and evaluating the current data security and integrity exposure of multifunctional devices.

    Cyber Forensics includes details and tips on taking control of a suspect computer or PDA and its "operating" environment, mitigating potential exposures and risks to chain of custody, and establishing and following a flowchart for the seizure of electronic evidence. An extensive list of appendices includes websites, organizations, pertinent legislation, further readings, best practice recommendations, more information on hardware and software, and a recap of the federal rules of civil procedure.

    Introduction
    Cyber Forensic Tools and Utilities
    Concealment Techniques
    Hardware: Model System Platforms
    Software: Operating Systems, Network Traffic, and Applications
    Standard Operating Procedures: Digital Forensic Laboratory Accreditation Standards
    Performing a Cyber Forensic Investigation: Flowchart for the Seizure of Electronic Evidence and Associated Internal Control Questionnaire
    Privacy and Cyber Forensics: An Australian Perspective
    The Forensic Black Bag
    Digital Multifunctional Devices: Forensic Value and Corporate Exposure
    Cyber Forensics and the Law: Legal Considerations
    Cyber-Forensics and the Changing Face of Investigating Criminal Behavior
    Electronically Stored Information and Cyber Forensics
    Cyber Forensic Awareness: Management Survey

    Appendices:
    Computer Forensic Web Sites
    Cyber Crime and Forensic Organizations
    Cyber Forensic Training Resources List
    Pertinent Legislation
    Recommended Readings
    Management Assessment: 20 Questions
    Flowchart for the Seizure of a Personal Digital Assistant
    Additional Information: Computer Hardware
    Questions that Every Cyber Investigator Should Ask Before, During, and After an Investigation
    Cyber Forensic Best Practice Recommendations
    Stenography Tools
    Forensic Resources - Literature and Selected Readings
    Forensic Online Resources
    Locating Forensic Data in Windows Registries
    The Sedona Principles for Electronic Document Production
    Recap of Federal Rules of Civil Procedure Involving E-Discovery Amendments
    Selected Acronyms
    Generic Cellular Telephone Search Warrants
    Generic Computer Search Warrant
    Generic Affidavit for Search Warrant
    Configuring the Investigator's Forensic Analysis Machine
    Generic Search Warrant
    Statement of Underlying Facts and Circumstances
    Generic State Court Order-Seizure of Electronic Hardware and Records
    Consent to Search
    Forensic Case Study: Files from the Field
    Glossary of Terms

    Biography

    Albert Marcella Jr., Doug Menendez