Introduction to Digital Forensics

Introduction to Digital Forensics A "short and sweet" introduction to the topic of Digital Forensics

This book is a "short and sweet" introduction to the topic of Digital Forensics, covering theoretical, practical and legal aspects. The first part of the book focuses on the history of digital forensics as a discipline and discusses the traits and requirements needed to become an forensic analyst. The middle portion of the book constitutes a general guide to a digital forensic investigation, mostly focusing on computers. It finishes with a discussion of the legal aspects of digital forensics as well as some other observations for managers or other interested parties.

Contents

 * /Introduction/
 * Overview of the topic and introduction to the book


 * /So you want to be a forensic analyst/?
 * Who can benefit from this material?


 * /Requirements/
 * Hardware and software requirements

Digital forensics

 * /A history/
 * A brief history of the discipline


 * Types of investigations
 * Investigations can take many forms


 * /The forensic process/
 * Description of the traditional digital forensic process


 * /Terminology/
 * Before we begin, explanation of some words

Acquiring Evidence

 * /Documenting evidence/
 * How to document exhibits and media


 * /Acquisition/
 * Notes on the authentication of evidence


 * Example task
 * Have a go at recording and acquiring some data

Analysis

 * /Forensic tools/
 * Common forensic tools and their uses


 * /First steps in analysis/
 * Where to begin? Often a daunting question


 * /Chat, email and internet artefacts/
 * One of the main areas of investigation will be the internet cache


 * /Image investigations/
 * Images can contain a wealth of information


 * /Linux & Mac/
 * Some significant differences & problems exist when examining different operating systems


 * Example task
 * Perform a simple analysis

Reporting findings

 * /Reporting/
 * Reporting is one of the key aspects of digital forensics


 * /Giving expert evidence/
 * How to defend your findings in court


 * Example task
 * Try your hand at putting together a simple report

Mobile devices

 * /Mobile devices/
 * An introduction to mobile device forensics


 * /Mobile forensics tools/
 * Hardware/software for mobile analysis


 * /Mobile device analysis/
 * Specific notes for analysing mobile devices

Legal considerations

 * /Criminal investigations/
 * Considerations when investigating crime


 * /Civil investigations (eDiscovery)/
 * The various rules relating to civil investigation


 * /Seizing digital media/
 * Important considerations apply to how and when you can seize media

Advice

 * /Managing an investigation/
 * Advice for managers handling a digital investigation


 * /Anti-forensics/
 * Counter measures to impair forensics analysis

Appendices

 * /Glossary/
 * /Authors/
 * /Bibliography/
 * /Further reading/