Introduction to Digital Forensics

From Wikibooks, open books for an open world
(Redirected from Digital forensics)
Jump to navigation Jump to search
Seagate ST33232A hard disk head and platters detail.jpg
Introduction to Digital Forensics

A "short and sweet" introduction to the topic of Digital Forensics

This book is a "short and sweet" introduction to the topic of Digital Forensics, covering theoretical, practical and legal aspects. The first part of the book focuses on the history of digital forensics as a discipline and discusses the traits and requirements needed to become an forensic analyst. The middle portion of the book constitutes a general guide to a digital forensic investigation, mostly focusing on computers. It finishes with a discussion of the legal aspects of digital forensics as well as some other observations for managers or other interested parties.

Contents

Introduction 100% developed
Overview of the topic and introduction to the book
So you want to be a forensic analyst? 100% developed
Who can benefit from this material?
Requirements 100% developed
Hardware and software requirements

Digital forensics

A history 50% developed
A brief history of the discipline
Types of investigations 100% developed
Investigations can take many forms
The forensic process 50% developed
Description of the traditional digital forensic process
Terminology 50% developed
Before we begin, explanation of some words

Acquiring Evidence

Tableau forensic write blocker used for acquisitions
Documenting evidence 50% developed
How to document exhibits and media
Acquisition 75% developed
Notes on the authentication of evidence
Example task 50% developed
Have a go at recording and acquiring some data

Analysis

Forensic tools 75% developed
Common forensic tools and their uses
First steps in analysis 25% developed
Where to begin? Often a daunting question
Chat, email and internet artefacts 25% developed
One of the main areas of investigation will be the internet cache
Image investigations 25% developed
Images can contain a wealth of information
Linux & Mac 0% developed
Some significant differences & problems exist when examining different operating systems
Example task 25% developed
Perform a simple analysis

Reporting findings

Reporting 50% developed
Reporting is one of the key aspects of digital forensics
Giving expert evidence 0% developed
How to defend your findings in court
Example task 0% developed
Try your hand at putting together a simple report

Mobile devices

iPhone in an RF bag
Mobile devices 0% developed
An introduction to mobile device forensics
Mobile forensics tools 0% developed
Hardware/software for mobile analysis
Mobile device analysis 0% developed
Specific notes for analysing mobile devices

Legal considerations

Criminal investigations 0% developed
Considerations when investigating crime
Civil investigations (eDiscovery) 0% developed
The various rules relating to civil investigation
Seizing digital media 0% developed
Important considerations apply to how and when you can seize media

Advice

Managing an investigation 0% developed
Advice for managers handling a digital investigation
Anti-forensics
Counter measures to impair forensics analysis

Appendices

Glossary
Authors
Bibliography
Further reading