Table of Contents
Role of the forensic examiner in the judicial system
Chapter 2: Key technical concepts
Bits, bytes, and numbering schemes
File extensions and file signatures
Allocated and unallocated space
How magnetic hard drives store data
Chapter 4: Collecting evidence
Crime scenes and collecting evidence
Live system versus dead system
Chapter 5: Windows system artifacts
Hibernation file (hiberfile.sys)
Restore points and shadow copy
Criminal law—searches without a warrant
Chapter 8: Internet and e-mail
Web browsers—Internet Explorer
Network evidence and investigations
Chapter 10: Mobile device forensics
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.