Overview
Main description
"Provides the right mix of practical how-to knowledge in a straightforward, informative fashion that ties it all the complex pieces together with real-world case studies. ...Delivers the most valuable insight on the market. The authors cut to the chase of what people must understand to effectively perform computer forensic investigations." --Brian H. Karney, COO, AccessData Corporation
The latest strategies for investigating cyber-crime
Identify and investigate computer criminals of all stripes with help from this fully updated. real-world resource. Hacking Exposed Computer Forensics, Second Edition explains how to construct a high-tech forensic lab, collect prosecutable evidence, discover e-mail and system file clues, track wireless activity, and recover obscured documents. Learn how to re-create an attacker's footsteps, communicate with counsel, prepare court-ready reports, and work through legal and organizational challenges. Case studies straight from today's headlines cover IP theft, mortgage fraud, employee misconduct, securities fraud, embezzlement, organized crime, and consumer fraud cases.
- Effectively uncover, capture, and prepare evidence for investigation
- Store and process collected data in a highly secure digital forensic lab
- Restore deleted documents, partitions, user activities, and file systems
- Analyze evidence gathered from Windows, Linux, and Macintosh systems
- Use the latest Web and client-based e-mail tools to extract relevant artifacts
- Overcome the hacker's anti-forensic, encryption, and obscurity techniques
- Unlock clues stored in cell phones, PDAs, and Windows Mobile devices
- Prepare legal documents that will hold up to judicial and defense scrutiny
Table of contents
Part 1: Preparing for an Incident; Ch. 1: The Forensics Process; Ch. 2: Computer Fundamentals; Ch. 3: Forensics Lab Environment Preparation; Part 2: Collecting the Evidence; Ch. 4: Forensically Sound Evidence Collection; Ch. 5: Remote Investigations and Collections; Part 3: Forensic Investigation Techniques; Ch. 6: Microsoft Windows Systems Analysis; Ch. 7: Linux Analysis; Ch. 8: Macintosh Analysis; Ch. 9: Defeating Anti-Forensic Techniques; Ch. 10: Enterprise Storage Analysis; Ch. 11: Email Analysis; Ch. 12: Tracking User Activity; Ch. 13: Forensic Analysis of Mobile Devices; Part 4: Presenting your Findings;Ch. 14: Documenting the Investigation;Ch. 15: The Justice System;Part 5: Putting It All Together; Ch. 16: IP Theft;Ch. 17: Employee Misconduct;Ch. 18: Employee Fraud;Ch. 19: Corporate Fraud;Ch. 20. Organized Cyber Crime;Ch. 21. Consumer Fraud;Appendix A. Searching Techniques;Index
Author comments
Aaron Philipp is a managing consultant in the Disputes and Investigations practice at Navigant Consulting, which assists domestic and global corporations and their counsel who face complex and risky legal challenges.
David Cowen, CISSP, is a partner at G-C Partners, LLC, where he provides expert witness services and consulting to Fortune 500 companies nationwide.
Chris Davis, CISA, CISSP, is an information security and computer forensics author, trainer, and presenter.
