- Applied Labs
- Table of Contents
- Course Objectives
Computer crimes call for forensics specialists, people who know how to find and follow the evidence. Completely revised and rewritten to keep pace with the changing field of computer forensics, System Forensics, Investigation, and Response, Second Edition begins by examining the fundamentals of system forensics, such as what forensics is, the role of computer forensics specialists, computer forensic evidence, and application of forensic analysis skills. It also gives an overview of computer crimes, forensic methods, and laboratories. It then addresses the tools, techniques, and methods used to perform computer forensics and investigation. Finally, it explores emerging technologies as well as future directions of this interesting and cutting-edge field.
- The Second Edition includes all new content. A complete re-write of the first edition
- The latest data and statistics on computer forensics
- Chapter restructuring with new chapters on:
• Email Forensics
• Windows Forensics
• Mac Forensics
• Linux Forensics
• Mobile Forensics
This title is available with Virtual Security Cloud Labs – delivered in a first-of-its-kind cloud computing environment- that provides a fully immersive mock IT infrastructure enabling hands-on-experiential learning. An integrated lab manual is available to assist you with these labs.
|Lab #1:||Applying the Daubert Standard to Forensic Evidence|
Documenting a Workstation Configuration using Common
Uncovering New Digital Evidence Using Bootable Forensic
|Lab #4:||Creating a Forensic System Case File for Analyzing Forensic Evidence|
|Lab #5:||Analyzing Images to Identify Suspicious or Modified Files|
|Lab #6:||Recognizing the Use of Steganography in Image Files|
|Lab #7:||Automating E-mail Evidence Discovery Using P2 Commander|
|Lab #8:||Decoding an FTP Protocol Session for Forensic Evidence|
Identifying and Documenting Evidence from a Forensic
Conducting an Incident Response Investigation for a
|Part 1: The System Forensics Landscape|
|Chapter 1:||Introduction to Forensics|
|Chapter 2:||Overview of Computer Crime|
|Chapter 3:||Forensics Methods and Labs|
|Part 2: Technical Overview: System Forensics Tools, Techniques, and Methods|
|Chapter 4:||Collecting, Seizing, and Protecting Evidence|
|Chapter 5:||Understanding Information-Hiding Techniques|
|Chapter 6:||Recovering Data|
|Chapter 7:||Email Forensics|
|Chapter 8:||Windows Forensics|
|Chapter 9:||Linux Forensics|
|Chapter 10:||Mac Forensics|
|Chapter 11:||Mobile Forensics|
|Chapter 12:||Performing Network Analysis|
|Part 3: Incident Response and Resources|
|Chapter 13:||Incident and Intrusion Response|
|Chapter 14:||Trends and Future Directions|
|Chapter 15:||System Forensics Resources|
- Identify the role of computer forensics in responding to crimes and solving business challenges.
- Examine system forensics issues, laws, and skills.
- Examine the purpose and structure of a digital forensics lab.
- Examine the evidence life cycle.
- Procure evidence in physical and virtualized environments.
- Examine the impact of sequestration on the evidence-gathering process.
- Collect evidence in network and e-mail environments.
- Examine automated digital forensic analysis.
- Report investigative findings of potential evidentiary value.
- Examine the constraints on digital forensic investigations.
Instructor Resources include: