Chapter 1 Introduction to Forensics
What Is Cyber Forensics?
Understanding the Science of Forensics
Elements of the Crime
Knowledge Base Needed for Cyber Forensics
The Fundamental Principles of Cyber Forensics
Maintaining Chain of Custody
Federal Guidelines Forensics Investigators Need to Know
The Need for Cyber Forensics Certification
Chapter Review
Questions
Answers
References
Chapter 2 The Investigative Process
Chain of Custody
Securing the Scene
Documentation
Authority and Objectives
Examination
Code of Ethics
Ethical Conduct Outside the Investigation
Ethical Investigations
The Evidence
The Forensic Investigator as an Expert
Chapter Review
Questions
Answers
References
Chapter 3 Evidence Management
Evidence Collection
Evidence Transport
Evidence Storage
Evidence Access Control
Evidence Disposition
Chapter Review
Questions
Answers
References
Part II : Forensic Science
Chapter 4 Principles and Methods
Scientific Approach to Forensics
Identify and Classify Evidence
Locations Where Evidence May Reside
Recovering Data
Media File Forensic Steps
Chapter Review
Questions
Answers
References
Chapter 5 Forensic Analysis
Planning
Case Notes and Reports
Quality Control
Chapter Review
Questions
Answers
References
Part III : Digital Forensics
Chapter 6 Hardware Forensics
Hard Drive Specifications
Recovering from Damaged Media
Operating System Specifics
Extracting Deleted Files
Encrypted Files
Chapter Review
Questions
Answers
References
Chapter 7 Hidden Files and Antiforensics
Cryptography
Steganography
Cryptanalysis
Log Tampering
Other Techniques
Chapter Review
Questions
Answers
References
Chapter 8 Network Forensics
Network Packet Analysis
Wireless
Router Forensics
Firewall Forensics
Logs to Examine
Operating System Utilities
Network Structure
Social Networks
Chapter Review
Questions
Answers
References
Chapter 9 Virtual Systems
Types of Virtual Systems
Forensic Issues
Chapter Review
Questions
Answers
References
Chapter 10 Mobile Forensics
Cellular Device Concepts
What Evidence Can You Get from a Mobile Device?
Seizing Evidence from a Phone
Summary
Questions
Answers
References
Part IV : Application Forensics and Emerging Technologies
Chapter 11 Application Forensics
File Formats
Windows File Copying
Web Forensics
E-mail Forensics
Database Forensics
Chapter Review
Questions
Answers
References
Chapter 12 Malware Forensics
Viruses
Trojan Horses
Spyware
The Buffer Overflow
Rootkit
Logic Bombs
Ransomware
Advanced Persistent Threats
Malware Analysis
Chapter Review
Questions
Answers
References
Chapter 13 New and Emerging Forensics Technology
Social Networks
New Devices
Control Systems and Infrastructure
Online Gaming
Electronic Discovery
Chapter Review
Questions
Answers
References
Appendix About the Download
System Requirements
Total Tester Premium Practice Exam Software
Installing and Running Total Tester Premium Practice Exam Software
PDF Copy of the Book
Technical Support
Glossary
Index