System Forensics, Investigation, and Response, Third Edition

Chuck Easttom
ISBN-13: 978-1-284-12184-1
336 pages
© 2019

Revised and updated to address current issues and technology, System Forensics, Investigation, and Response, Third Edition provides a solid, broad grounding in digital forensics. The text begins by examining the fundamentals of system forensics: what forensics is, the role of computer forensics specialists, computer forensic evidence, and application of forensic analysis skills. It also gives an overview of computer crimes, forensic methods, and laboratories. Part II addresses the tools, techniques, and methods used to perform computer forensics and investigation. Finally, Part III explores emerging technologies as well as future directions of this interesting and cutting-edge field.

Key Features

  • Covers all aspects of forensics: procedures, legal issues, and scientific principles, as well as specific hands-on forensics with Windows, smart phones, memory, network forensics, and Macintosh forensics
  • New and expanded content on mobile device forensics, addressing the most current issues
  • Additional information on memory forensics
  • Updated and expanded coverage of legal issues
  • Significantly expanded material on Windows forensics
  • Includes information on how to write reports
  • Available with the Virtual Security Cloud Labs, which provide a hands-on, immersive mock IT infrastructure enabling students to test their skills with realistic security scenarios

Applied Labs

This title is available with Virtual Security Cloud Labs, delivered in a first-of-its-kind cloud computing environment, which provide a fully immersive mock IT infrastructure enabling hands-on experiential learning. An integrated lab manual is available to assist you with these labs.

Lab #1: Applying the Daubert Standard to Forensic Evidence
Lab #2: Documenting a Workstation Configuration using Common Forensic Tools
Lab #3: Uncovering New Digital Evidence Using Bootable Forensic
Lab #4: Creating a Forensic System Case File for Analyzing Forensic Evidence
Lab #5: Analyzing Images to Identify Suspicious or Modified Files
Lab #6: Recognizing the Use of Steganography in Image Files
Lab #7: Automating E-mail Evidence Discovery Using P2 Commander
Lab #8: Decoding an FTP Protocol Session for Forensic Evidence
Lab #9: Identifying and Documenting Evidence from a Forensic
Lab #10: Conducting an Incident Response Investigation for a Suspicious Login

Table of Contents

Part 1: The System Forensics Landscape
Chapter 1: Introduction to Forensics
Chapter 2: Overview of Computer Crime
Chapter 3: Forensics Methods and Labs
Part 2: Technical Overview: System Forensics Tools, Techniques, and Methods
Chapter 4: Collecting, Seizing, and Protecting Evidence
Chapter 5: Understanding Information-Hiding Techniques
Chapter 6: Recovering Data
Chapter 7: Email Forensics
Chapter 8: Windows Forensics
Chapter 9: Linux Forensics
Chapter 10: Mac Forensics
Chapter 11: Mobile Forensics
Chapter 12: Performing Network Analysis
Part 3: Incident Response and Resources
Chapter 13: Incident and Intrusion Response
Chapter 14: Trends and Future Directions
Chapter 15: System Forensics Resources

Course Objectives

  1. Identify the role of computer forensics in responding to crimes and solving business challenges.
  2. Examine system forensics issues, laws, and skills.
  3. Examine the purpose and structure of a digital forensics lab.
  4. Examine the evidence life cycle.
  5. Procure evidence in physical and virtualized environments.
  6. Examine the impact of sequestration on the evidence-gathering process.
  7. Collect evidence in network and e-mail environments.
  8. Examine automated digital forensic analysis.
  9. Report investigative findings of potential evidentiary value.
  10. Examine the constraints on digital forensic investigations.

Instructor Resources include:

  • PowerPoint Lectures
  • Instructor’s Guide
  • Test and Quiz Items
  • Sample Syllabus
  • Case Scenarios/Handouts
  • Handouts
  • Projects
  • Study Guide
  • Time on Task
  • Content Map