Table of Contents for
Code Snippets
Code Snippets
by Darren R. Hayes
A Practical Guide to Computer Forensics Investigations
About This eBook
Title Page
Copyright Page
Contents at a Glance
Table of Contents
About the Author
About the Technical Reviewer
Dedication
Acknowledgments
We Want to Hear from You!
Reader Services
Introduction
Chapter 1. The Scope of Computer Forensics
Introduction
Popular Myths about Computer Forensics
Types of Computer Forensics Evidence Recovered
Electronic Mail (Email)
Images
Video
Websites Visited and Internet Searches
Cellphone Forensics
What Skills Must a Computer Forensics Investigator Possess?
Computer Science Knowledge
Legal Expertise
Communication Skills
Linguistic Abilities
Continuous Learning
An Appreciation for Confidentiality
The Importance of Computer Forensics
Job Opportunities
A History of Computer Forensics
1980s: The Advent of the Personal Computer
1990s: The Impact of the Internet
Training and Education
Law Enforcement Training
Summary
Key Terms
Assessment
Classroom Discussions
Multiple-Choice Questions
Fill in the Blanks
Projects
Chapter 2. Windows Operating and File Systems
Introduction
Physical and Logical Storage
File Storage
File Conversion and Numbering Formats
Conversion of Binary to Decimal
Hexadecimal Numbering
Conversion of Hexadecimal to Decimal
Conversion of Hexadecimal to ASCII (American Standard Code for Information Interchange)
Unicode
Operating Systems
The Boot Process
Windows File Systems
Windows Registry
Registry Data Types
FTK Registry Viewer
Microsoft Windows Features
Windows Vista
Windows 7
Windows 8.1
Summary
Key Terms
Assessment
Classroom Discussions
Multiple Choice Questions
Fill in the Blanks
Projects
Chapter 3. Handling Computer Hardware
Introduction
Hard Disk Drives
Small Computer System Interface (SCSI)
Integrated Drive Electronics (IDE)
Serial ATA (SATA)
Cloning a PATA or SATA Hard Disk
Cloning Devices
Removable Memory
FireWire
USB Flash Drives
External Hard Drives
MultiMedia Cards (MMCs)
Summary
Key Terms
Assessment
Classroom Discussions
Multiple-Choice Questions
Fill in the Blanks
Projects
References
Chapter 4. Acquiring Evidence in a Computer Forensics Lab
Introduction
Lab Requirements
American Society of Crime Laboratory Directors
American Society of Crime Laboratory Directors/Lab Accreditation Board (ASCLD/LAB)
ASCLD/LAB Guidelines for Forensic Laboratory Management Practices
Scientific Working Group on Digital Evidence (SWGDE)
Private Sector Computer Forensics Laboratories
Evidence Acquisition Laboratory
Email Preparation Laboratory
Inventory Control
Web Hosting
Computer Forensics Laboratory Requirements
Laboratory Layout
Laboratory Management
Laboratory Access
Extracting Evidence from a Device
Using the dd Utility
Using Global Regular Expressions Print (GREP)
Skimmers
Summary
Key Terms
Assessment
Classroom Discussions
Multiple-Choice Questions
Fill in the Blanks
Projects
Chapter 5. Online Investigations
Introduction
Working Undercover
Generate an Identity
Generate an Email Account
Mask Your Identity
Website Evidence
Website Archives
Website Statistics
Background Searches on a Suspect
Personal Information: Mailing Address, Email Address, Telephone Number, and Assets
Personal Interests and Membership of User Groups
Searching for Stolen Property
Online Crime
Identity Theft
Credit Cards for Sale
Electronic Medical Records
Cyberbullying
Social Networking
Capturing Online Communications
Using Screen Captures
Using Video
Viewing Cookies
Using Windows Registry
Summary
Key Terms
Assessment
Classroom Discussions
Multiple-Choice Questions
Fill in the Blanks
Projects
Chapter 6. Documenting the Investigation
Introduction
Obtaining Evidence from a Service Provider
Documenting a Crime Scene
Seizing Evidence
Crime Scene Examinations
Documenting the Evidence
Completing a Chain of Custody Form
Completing a Computer Worksheet
Completing a Hard Disk Drive Worksheet
Completing a Server Worksheet
Using Tools to Document an Investigation
CaseNotes
FragView
Helpful Mobile Applications (Apps)
Network Analyzer
System Status
The Cop App
Lock and Code
Digital Forensics Reference
Federal Rules of Civil Procedure (FRCP)
Federal Rules of Evidence (FREvidence)
Writing Reports
Time Zones and Daylight Saving Time (DST)
Creating a Comprehensive Report
Using Expert Witnesses at Trial
The Expert Witness
The Goals of the Expert Witness
Preparing an Expert Witness for Trial
Summary
Key Terms
Assessment
Classroom Discussions
Multiple-Choice Questions
Fill in the Blanks
Projects
Chapter 8. Network Forensics
Introduction
The Tools of the Trade
Networking Devices
Proxy Servers
Web Servers
DHCP Servers
SMTP Servers
DNS Servers
Routers
IDS
Firewalls
Ports
Understanding the OSI Model
The Physical Layer
The Data Link Layer
The Network Layer
The Transport Layer
The Session Layer
The Presentation Layer
The Application Layer
Advanced Persistent Threats
Cyber Kill Chain
Indicators of Compromise (IOC)
Investigating a Network Attack
Summary
Key Terms
Assessment
Classroom Discussions
Multiple-Choice Questions
Fill in the Blanks
Projects
Chapter 9. Mobile Forensics
Introduction
The Cellular Network
Base Transceiver Station
Mobile Station
Cellular Network Types
SIM Card Forensics
Types of Evidence
Handset Specifications
Memory and Processing
Battery
Other Hardware
Mobile Operating Systems
Android OS
Windows Phone
Standard Operating Procedures for Handling Handset Evidence
National Institute of Standards and Technology
Preparation and Containment
Wireless Capabilities
Documenting the Investigation
Handset Forensics
Cellphone Forensic Software
Cellphone Forensics Hardware
Logical versus Physical Examination
Manual Cellphone Examinations
Flasher Box
Global Satellite Service Providers
Satellite Communication Services
Legal Considerations
Carrier Records
Other Mobile Devices
Tablets
GPS Devices
Summary
Key Terms
Assessment
Classroom Discussions
Multiple-Choice Questions
Fill in the Blanks
Projects
Chapter 10. Photograph Forensics
Introduction
Understanding Digital Photography
File Systems
Digital Photography Applications and Services
Examining Picture Files
Exchangeable Image File Format (EXIF)
Evidence Admissibility
Federal Rules of Evidence (FRE)
Analog vs. Digital Photographs
Case Studies
Worldwide Manhunt
NYPD Facial Recognition Unit
Summary
Key Terms
Assessment
Classroom Discussions
Multiple-Choice Questions
Fill in the Blanks
Projects
Chapter 12. Case Studies
Introduction
Zacharias Moussaoui
Background
Digital Evidence
Standby Counsel Objections
Prosecution Affidavit
Exhibits
Email Evidence
BTK (Bind Torture Kill) Killer
Profile of a Killer
Evidence
Cyberbullying
Federal Anti-harassment Legislation
State Anti-harassment Legislation
Warning Signs of Cyberbullying
What Is Cyberbullying?
Phoebe Prince
Ryan Halligan
Megan Meier
Tyler Clementi
Sports
Summary
Key Terms
Assessment
Classroom Discussions
Multiple-Choice Questions
Fill in the Blanks
Project
Assessment of Cases by Judges
Index
Answers to Multiple-Choice and Fill in the Blanks Questions
Chapter 1 Answers
Multiple-Choice
Fill in the Blanks
Chapter 2 Answers
Multiple-Choice
Fill in the Blanks
Chapter 3 Answers
Multiple-Choice
Fill in the Blanks
Chapter 4 Answers
Multiple-Choice
Fill in the Blanks
Chapter 5 Answers
Multiple-Choice
Fill in the Blanks
Chapter 6 Answers
Multiple-Choice
Fill in the Blanks
Chapter 7 Answers
Multiple-Choice
Fill in the Blanks
Chapter 8 Answers
Multiple-Choice
Fill in the Blanks
Chapter 9 Answers
Multiple-Choice
Fill in the Blanks
Chapter 10 Answers
Multiple-Choice
Fill in the Blanks
Chapter 11 Answers
Multiple-Choice
Fill in the Blanks
Chapter 12 Answers
Multiple-Choice
Fill in the Blanks
Code Snippets