Computer Forensics: Principles and Practices
Linda Volonino
Reynaldo Anzaldua
Jana Godwin

ISBN-10: 0131547275
ISBN-13: 9780131547278

Publisher: Prentice Hall
Copyright: 2007
Format: Paper; 552 pp
Published: 08/21/2006

Suggested retail price: $96.67
Buy from myPearsonStore



For introductory and intermediate courses in computer forensics, digital investigations, or computer crime investigation

 

By applying information systems, computer security, and criminal justice principles and practices to crime investigations and other legal actions, this text teaches students how to use forensically-sound methodologies and software to acquire admissible electronic evidence (e-evidence) with coverage of computer and email forensics, cell phone and IM forensics, and PDA and Blackberry forensics.   

For introductory and intermediate courses in computer forensics, digital investigations, or computer crime investigations

 

By applying information systems, computer security, and criminal justice principles and practices to crime investigations and other legal actions, this text teaches students how to use forensically-sound methodologies and software to acquire admissible electronic evidence (e-evidence) with coverage of computer and email forensics, cell phone and IM forensics, and PDA and Blackberry forensics. 

 

Q. Would you like comprehensive coverage of forensics and hands-on exercises that students can actually perform?

 

A: Computer Forensics: Principles and Practice covers how to investigate crime scenes, intrusions, and hacker attacks—as well as how to gather and analyze digital evidence to discover the truth about what happened—with a comprehensive understanding and hands-on use of one of the most widely-used computer forensics software tools—EnCase.

Unlike other books that frustrate students and faculty by requiring use of operating systems they do not have access to, this book does not require arcane equipment to learn how to use computer forensics software.

 

Q. Does your current text neglect certain subject areas?

 

A: Computer Forensics: Principles and Practices covers three key areas—computer technology, recognized investigative techniques, and legal issues. Without an understanding of these three areas, mistakes will be made that could have alarming consequences. with or tainted.

 

Q. Do you want students to develop the necessary expertise, ethical responsibility, and diverse skill set of a computer forensics investigator?

 

A. Students learn the technical expertise needed to gather, filter, and authenticate e-evidence for use in court or legal actions with knowledge of relevant laws regarding civil rights, search warrants, and rules of evidence.

Other Points of Differentiation

 

·        Introduction to digital investigations with concepts, terminology and issues, in addition to practical skills in multiple types of computer, Internet, and digital device forensics.

-       Provides students with a strong foundation in electronic evidence collection and handling, chain of custody, documentation, testifying as an expert witness, and surviving harsh cross-examination.

 

·        Solid coverage of forensics tools, techniques, and environments plus rules of evidence and privacy rights

Provides students with a comprehensive analysis of the role of e-evidence in            computer crimes, cyberterrorism, traditional and violent crimes, incident          responses, civil cases, fraud and information security verification

 

·        Coverage of often neglected subject arease.g. PDA forensics, cell phone forensics, email and Internet forensics; tracking down hackers and serial killers.

            - Introduces students to important forensics investigative issues that are often     overlooked in other texts.

 

·        End-of-chapter exercises, projects, and review questions.

- Enables students to apply their new knowledge and expertise.

 

·        Extensive extra features, practical applications and FYI’s throughout.

                  - Provides students with practical knowledge to help them understand their technical role, legal obligations, and ethical responsibilities.

 

·        Technical, Investigative, and Legal Glossary and Appendices

 

·        Multiple appendices with additional resources, forms, and checklists to manage and document the case life cycle involving e-evidence.

 

Contents in Brief

 

PART ONE: Admissibility of Electronic Evidence ........................1

  1. Forensic Evidence and Crime Investigation ......................................3
  2. Computer Forensics and Digital Detective Work ..............................38

 

PART TWO: Preparing for E-Evidence Collection

and Preservation ....................................................................79

  1. Tools, Environments, Equipment, and Certifications ..........................81
  2. Policies and Procedures..............................................................120
  3. Data, PDA, and Cell Phone Forensics ..........................................157

 

PART THREE: Forensic Examination of Computers

and Digital and Electronic Media ......................................193

  1. Operating Systems and Data Transmission Basics for Digital

Investigations ............................................................................195

  1. Investigating Windows, Linux, and Graphics Files ........................236
  2. E-Mail and Webmail Forensics ....................................................282

 

PART FOUR: Detecting Intrusions, Malware, and Fraud ........317

  1. Internet and Network Forensics and Intrusion Detection ..................319
  2. Tracking Down Those Who Intend to Do Harm on a Large Scale ....348
  3. Fraud and Forensic Accounting Investigation ................................372

 

PART FIVE: Legal, Ethical, and Testimony Topics....................405

  1. Federal Rules and Criminal Codes ..............................................407
  2. Ethical and Professional Responsibility in Testimony ......................436

 

Appendix A: Online Resources ....................................................467

Appendix B: Government and Legal References ..............................472

Appendix C: Sample Legal Forms, Letters, and Motions ....................478

Appendix D: Summaries of Court Cases ........................................504

Glossary ..................................................................................508

References ................................................................................516

Index ......................................................................................523

 

 

Master the techniques for gathering electronic evidence and explore the new frontier of crime investigation.

 

 

The demand for computer forensics experts greatly exceeds the supply. With the rapid growth of technology in all parts of our lives, criminal activity must be tracked down and investigated using electronic methods that require up-to-date techniques and knowledge of the latest software tools. Authors Linda Volonino, Jana Godwin, and Reynaldo Anzaldua share their expertise to give you the legal, technical, and investigative skills you need to launch your career in computer forensics. You can also use Computer Forensics: Principles and Practices  to help you advance in careers such as criminal justice, accounting, law enforcement, and federal investigation.

 

Computer Forensics: Principles and Practices gives you in-depth understanding of:

  • Using the correct investigative tools and procedures to maximize effectiveness of evidence gathering.
  • Keeping evidence in pristine condition so it will be admissible in a legal action.

·         Investigating large-scale attacks such as identity theft, fraud, phishing, extortion, and malware infections.

  • The legal foundations for proper handling of traditional and electronic evidence such as the Federal Rules of Evidence and Procedure as well as the Fourth Amendment and other laws regarding search warrants and civil rights.
  • Practical tools such as FTK, EnCase, Passware, Ethereal, LADS, WinHex, GIMP, Camouflage, and Snort.

 

This book is filled with tools to help you move beyond simply learning concepts and help you apply them. These tools include:

·         In Practice tutorials: Apply concepts and learn by doing.

·         Exercises and Projects: Assignments show you how to employ your new skills. 

  • Case Studies: Apply what you learn in real-world scenarios.

 

The companion Web site (www.prenhall.com/security) includes:

·         Additional testing materials and projects to reinforce book lessons.

·         Downloadable checklists and templates used in the book.

·         Links to additional topics and resources to assist you in your professional development.

 

 

 

 

View a Sample Chapter PDF:

  • Instructors Resource Center
    Volonino
    © 2007 | Prentice Hall | CD-ROM Only | Instock
    ISBN-10: 0131547267 | ISBN-13: 9780131547261

    Instructors Resource Center
    Volonino
    © 2007 | Prentice Hall | CD-ROM Only | Instock
    ISBN-10: 0131547267 | ISBN-13: 9780131547261

    Downloadable files:

    Help downloading files

    View Downloadable Files

  • TestGen
    Volonino
    © 2007 | Prentice Hall | Software | Instock
    ISBN-10: 0131861956 | ISBN-13: 9780131861954

    TestGen
    Volonino
    © 2007 | Prentice Hall | Software | Instock
    ISBN-10: 0131861956 | ISBN-13: 9780131861954

    Please note: This testbank file must be used in conjunction with Pearson's TestGen application. Go to the TestGen website to download software, upgrade, and access "getting started" TestGen resources.

    Downloadable files:

    • TestGen Testbank file - PC (zip) (0.4MB | zip file | Type: Assessment)
      Compressed file contains testbank files produced for TestGen version 7.3. TestGen test generator software is required to work with this testbank. You can download the latest version by clicking on the "Help downloading Instructor Resources" link


    • TestGen Testbank file - MAC (sit) (0.3MB | sit file | Type: Assessment)
      Compressed file contains testbank files produced for TestGen version 7.3. TestGen test generator software is required to work with this testbank. You can download the latest version by clicking on the "Help downloading Instructor Resources" link


    • TestGen Testbank file - conversion for Blackboard (zip) (0.1MB | zip file | Type: Assessment)
      Click here for installation and file use instructions


    • TestGen Testbank file - conversion for WebCT (zip) (0.1MB | zip file | Type: Assessment)
      Click here for installation and file use instructions


    Help downloading files

    View Downloadable Files

Pearson Higher Education offers special pricing when you choose to package your text with other student resources. If you're interested in creating a cost-saving package for your students, contact your Pearson Higher Education representative for pricing and ordering information.

This title is a member of the Prentice Hall Security Series, which also contains the titles below . You can also visit the Prentice Hall Security Series page.

    For introductory and intermediate courses in computer forensics, digital investigations, or computer crime investigation

     

    By applying information systems, computer security, and criminal justice principles and practices to crime investigations and other legal actions, this text teaches students how to use forensically-sound methodologies and software to acquire admissible electronic evidence (e-evidence) with coverage of computer and email forensics, cell phone and IM forensics, and PDA and Blackberry forensics.   

  • 0131547275Computer Forensics: Principles and Practices
    Volonino, Anzaldua & Godwin
    © 2007 | Prentice Hall | Paper; 552 pages | Instock
    ISBN-10: 0131547275 | ISBN-13: 9780131547278
    Brief Description | Buy from myPearsonStore

    • For introductory computer security, network security or information security courses.

     

    This gateway into the world of computer security provides one volume coverage of all the basic concepts, terminology and issues, along with essential practical skills.

  • 0131711296Computer Security Fundamentals
    Easttom
    © 2006 | Prentice Hall | Paper; 368 pages | Instock
    ISBN-10: 0131711296 | ISBN-13: 9780131711297
    Brief Description | Buy from myPearsonStore

    • For advanced information security courses on disaster recovery

     

    With real world examples, this text provides an extensive introduction to disaster recovery focusing on planning the team, planning for the disaster and practicing the plan to make sure that, if ever needed, it will work.

     

  • 013171127XDisaster Recovery: Principles and Practices
    Wells, Walker, Walker & Abarca
    © 2007 | Prentice Hall | Paper; 298 pages | Instock
    ISBN-10: 013171127X | ISBN-13: 9780131711273
    Brief Description | Buy from myPearsonStore

    • For introductory courses in Network Security; also appropriate as a supplementary text to a general information course in Networking.

     

    This text solves the need for a resource that illustrates the principles underlying security technology, as well as provides complete hands-on exercises for the laboratory. Based on open-source software, this text is oriented toward the first-time networking student. Progressive, practical exercises build confidence; SOHO (small-office-home-office) users will also be impressed with the information provided in the text, as for these users the affordability of open-source solutions can be critical.

  • 0131547313Firewalls and VPNs: Principles and Practices
    Tibbs & Oakes
    © 2006 | Prentice Hall | Paper; 464 pages | Instock
    ISBN-10: 0131547313 | ISBN-13: 9780131547315
    Brief Description | Buy from myPearsonStore

    • For a introductory course in information security covering principles and practices.

     

    This text has been developed to cover the 10 domains in the Information Security Common Body of Knowledge. They include: Security Management Practices, Security Architecture and Models, Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP), Law, Investigations, and Ethics, Physical Security, Operations Security, Access Control Systems and Methodology, Cryptography, Telecommunications, Network, and Internet Security.

  • 0131547291Information Security: Principles and Practices
    Merkow & Breithaupt
    © 2006 | Prentice Hall | Paper; 448 pages | Instock
    ISBN-10: 0131547291 | ISBN-13: 9780131547292
    Brief Description | Buy from myPearsonStore

    • For any network defense course that assumes students have a basic understanding of computer networks.

     

    Fills a void left by other texts with complete coverage of a wide range of defense strategies, forms of attacks, and policies related to computer security.

     

  • 0131711261Network Defense and Countermeasures: Principles and Practices
    Easttom
    © 2006 | Prentice Hall | Paper; 448 pages | Instock
    ISBN-10: 0131711261 | ISBN-13: 9780131711266
    Brief Description | Buy from myPearsonStore

    • For advanced information security courses on policies and procedures.

     

    Security Policies and Procedures: Principles and Practices was created to teach information security policies and procedures and provide students with hands-on practice developing a security policy.

     

    This text provides an introduction to security policy, coverage of information security regulation and framework, and policies specific to industry sectors, including financial, healthcare and small business.

  • 0131866915Security Policies and Procedures: Principles and Practices
    Greene
    © 2006 | Prentice Hall | Paper; 608 pages | Instock
    ISBN-10: 0131866915 | ISBN-13: 9780131866911
    Brief Description | Buy from myPearsonStore

Pearson Higher Education offers special pricing when you choose to package your text with other student resources. If you're interested in creating a cost-saving package for your students, browse our available packages below, or contact your Pearson Higher Education representative to create your own package.



Copyright ©2008 Pearson Education. All rights reserved. Legal Notice | Privacy Policy | Permissions