- Applied Labs
- Table of Contents
- Course Objectives
Revised and updated to address current issues and technology, System Forensics, Investigation, and Response, Third Edition provides a solid, broad grounding in digital forensics. The text begins by examining the fundamentals of system forensics: what forensics is, the role of computer forensics specialists, computer forensic evidence, and application of forensic analysis skills. It also gives an overview of computer crimes, forensic methods, and laboratories. Part II addresses the tools, techniques, and methods used to perform computer forensics and investigation. Finally, Part III explores emerging technologies as well as future directions of this interesting and cutting-edge field.
- Covers all aspects of forensics: procedures, legal issues, and scientific principles as well as specific hands on forensics with Windows, smart phones, memory, network forensics, and Macintosh forensics
- New and expanded content on mobile device forensics, addressing the most current issues
- Additional information on memory forensics
- Updated and expanded coverage on legal issues
- Significantly expanded material on Windows forensics
- Includes information on how to write reports
- Available with the Virtual Security Cloud Labs which provide a hands-on, immersive mock IT infrastructure enabling students to test their skills with realistic security scenarios
This title is available with Virtual Security Cloud Labs – delivered in a first-of-its-kind cloud computing environment- that provides a fully immersive mock IT infrastructure enabling hands-on-experiential learning. An integrated lab manual is available to assist you with these labs.
|Lab #1:||Applying the Daubert Standard to Forensic Evidence|
Documenting a Workstation Configuration using Common
Uncovering New Digital Evidence Using Bootable Forensic
|Lab #4:||Creating a Forensic System Case File for Analyzing Forensic Evidence|
|Lab #5:||Analyzing Images to Identify Suspicious or Modified Files|
|Lab #6:||Recognizing the Use of Steganography in Image Files|
|Lab #7:||Automating E-mail Evidence Discovery Using P2 Commander|
|Lab #8:||Decoding an FTP Protocol Session for Forensic Evidence|
Identifying and Documenting Evidence from a Forensic
Conducting an Incident Response Investigation for a
|Part 1: The System Forensics Landscape|
|Chapter 1:||Introduction to Forensics|
|Chapter 2:||Overview of Computer Crime|
|Chapter 3:||Forensics Methods and Labs|
|Part 2: Technical Overview: System Forensics Tools, Techniques, and Methods|
|Chapter 4:||Collecting, Seizing, and Protecting Evidence|
|Chapter 5:||Understanding Information-Hiding Techniques|
|Chapter 6:||Recovering Data|
|Chapter 7:||Email Forensics|
|Chapter 8:||Windows Forensics|
|Chapter 9:||Linux Forensics|
|Chapter 10:||Mac Forensics|
|Chapter 11:||Mobile Forensics|
|Chapter 12:||Performing Network Analysis|
|Part 3: Incident Response and Resources|
|Chapter 13:||Incident and Intrusion Response|
|Chapter 14:||Trends and Future Directions|
|Chapter 15:||System Forensics Resources|
- Identify the role of computer forensics in responding to crimes and solving business challenges.
- Examine system forensics issues, laws, and skills.
- Examine the purpose and structure of a digital forensics lab.
- Examine the evidence life cycle.
- Procure evidence in physical and virtualized environments.
- Examine the impact of sequestration on the evidence-gathering process.
- Collect evidence in network and e-mail environments.
- Examine automated digital forensic analysis.
- Report investigative findings of potential evidentiary value.
- Examine the constraints on digital forensic investigations.
Instructor Resources include: