Introduction
The field of digital forensics has grown immensely and diversified over the past few years for a number of reasons. Therefore, this book addresses these changes in a number of new and existing chapters. The proliferation of IoT devices, wearable technologies and other new technologies, like 5G, are explained in detail in Chapter 14 because their impact on digital forensics will be profound. The chapter also discusses how new technologies are changing policing and the safety of law enforcement officers. The chapter also discusses the growing field of vehicle forensics.
There has been no slowdown in the number of network breaches globally; therefore, the need for digital forensics examiners in incident response is greater than ever. Therefore, Chapter 8 is focused on developing the skills of incident responders and highlighting indicators of compromise.
Mobile forensics continually changes and these changes are addressed in numerous chapters, including Chapter 7, when some Supreme Court landmark decisions have changed the rules for law enforcement. Chapter 9 provides an introduction to Mobile Forensics but also explains the changes in Android devices and methods of examination. Chapter 12 explains how iPhone examinations have changed dramatically and shows how full file system extractions are now available with a recently discovered exploit. Mobile applications (apps) save an immense amount of personal information and pretty much every investigation includes at least one mobile device. Therefore, Chapter 10 is a new chapter that provides investigators with forensic techniques to perform both a static and a dynamic examination of mobile apps. Furthermore, this chapter explains how real-time intelligence can be gathered from many popular apps.
Every chapter has been updated extensively to incorporate many recent changes in technology and newly discovered techniques to obtain digital evidence.
This book assumes no prior knowledge of the subject matter, and I have written it for both high school and university students and professional forensics investigators. Additionally, other professions can clearly benefit from reading this book—it is useful for lawyers, forensic accountants, security professionals, and others who have a need to understand how digital evidence is gathered, handled, and admitted to court. The book places a significant emphasis on process and adherence to the law, which are equally important to the evidence that can ultimately be retrieved.
The reader of this book should also realize that comprehensive knowledge of computer forensics can lead to a variety of careers. Digital forensics examiners and experts work for accounting firms, software companies, banks, law enforcement, intelligence agencies, and consulting firms. Every major company has an incident response team and many have a threat intelligence team or department. This book will certainly benefit those in that profession or perhaps those considering a career change. The growth of social media and open source data and tools creates a wealth of information for investigators and these are discussed in the book. Some are experts in mobile forensics, some excel in network forensics, and others focus on personal computers. Other experts specialize xxxviiiin Mac forensics or reverse engineering malware. The good news for graduates with computer forensics experience is that they have a variety of directions to choose from: the job market for them will remain robust, with more positions than graduates for the foreseeable future.
This book is a practical guide, not only because of the hands-on activities it offers, but also because of the numerous case studies and practical applications of computer forensics techniques. Case studies are a highly effective way to demonstrate how particular types of digital evidence have been successfully used in different investigations.
Finally, this book often refers to professional computer forensics tools that can be expensive. You should realize that academic institutions can take advantage of significant discounts when purchasing these products. The book makes a point of mentioning many free or low-cost forensics tools that can be just as effective as some of the expensive tools. You can definitely develop your own program or laboratory in a budget-conscious way.
Register this book to unlock the data files that are needed to complete the end-of-chapter projects.
Follow the steps below:
Go to www.pearsonITcertification.com/register and log in or create a new account.
Enter the ISBN: 9780789759917.
Click on the “Access Bonus Content” link in the Registered Products section of your account page, to be taken to the page where your downloadable content is available.