Learn Computer Forensics from a veteran investigator and technical trainer and explore how to properly document digital evidence collected

Key Features

• Investigate the core methods of computer forensics to procure and secure advanced digital evidence skillfully
• Record the digital evidence collected and organize a forensic examination on it
• Perform an assortment of Windows scientific examinations to analyze and overcome complex challenges

Book Description

Computer Forensics, being a broad topic, involves a variety of skills which will involve seizing electronic evidence, acquiring data from electronic evidence, data analysis, and finally developing a forensic report.

This book will help you to build up the skills you need to work in a highly technical environment. This book's ideal goal is to get you up and running with forensics tools and techniques to successfully investigate crime and corporate misconduct. You will discover ways to collect personal information about an individual from online sources. You will also learn how criminal investigations are performed online while preserving data such as e-mails, images, and videos that may be important to a case. You will further explore networking and understand Network Topologies, IP Addressing, and Network Devices. Finally, you will how to write a proper forensic report, the most exciting portion of the forensic exam process.

By the end of this book, you will have developed a clear understanding of how to acquire, analyze, and present digital evidence, like a proficient computer forensics investigator.

What you will learn

• Explore the investigative process, rules of evidence, legal process, and ethical guidelines
• Understand the difference between sectors, clusters, volumes, and file slack
• Validate forensic equipment, computer program, and examination methods
• Create and validate forensically sterile media
• Gain the ability to draw conclusions based on the exam discoveries
• Record discoveries utilizing the technically correct terminology
• Discover the limitations and guidelines for RAM Capture and its tools
• Explore timeline analysis, media analysis, string searches, and recovery of deleted data

Who this book is for

This book is for IT beginners, students, or an investigator in the public or private sector. This book will also help IT professionals who are new to incident response and digital forensics and are looking at choosing cybersecurity as their career. Individuals planning to pass the Certified Forensic Computer Examiner (CFCE) certification will also find this book useful.

Table of Contents

1. Types of Computer-Based Investigations
2. The Forensic Analysis Process
3. Acquisition of Evidence
4. Computer Systems
5. Computer Investigation Process
6. Windows Artifact Analysis
7. RAM Memory Forensic Analysis
8. Email Forensics - Investigation Techniques
9. Internet Artifacts
10. Online Investigations
11. Networking Basics
12. Report Writing
13. Expert Witness Ethics
14. Assessments

Review

"Just like the first edition of this book, the second is as amazing. I wish had a book like this when I first started learning about digital forensics.

My favorite chapter was about web browser artifacts. There are so many web browsers and it can feel very overwhelming to remember what to look for when it comes to determining the history of internet users. Not anymore with this book. The author explains to the reader where web browser artifacts are located on a host machine and what to look for. It’s my new reference guide to help locate these artifacts quicker.

Please consider reading this book. My new favorite book"

Peter Phurchpean GSEC, GCFE, GCFA, FEXCE, MCFE

Digital Forensics and Incident Response (DFIR) - Computer Crimes Investigations

About the Author

William Oettinger is a veteran technical trainer and investigator. He is a retired police officer with the Las Vegas Metropolitan Police Department and a retired CID agent with the United States Marine Corps. He is a professional with over 20 years of experience in academic, local, military, federal, and international law enforcement organizations, where he acquired his multifaceted experience in IT, digital forensics, security operations, law enforcement, criminal investigations, policy, and procedure development. He has earned an MSc from Tiffin University, Ohio. When not working, he likes to spend time with his wife and his three miniature schnauzers.