Guide to Computer Forensics and Investigations, Fourth Edition

  Guide to Computer Forensics and Investigations, Fourth Edition

By Bill Nelson, Amelia Phillips, Frank Enfinger and Christopher Steuart  



Master the skills necessary to launch and complete a successful computer investigation with the updated fourth edition of this popular book, Guide to Computer Forensic Investigations, Fourth Edition. This resource guides readers through conducting a high-tech investigation, from acquiring digital evidence to reporting its findings.

Updated coverage includes new software and technologies as well as up-to-date reference sections, and content includes how to set up a forensics lab, how to acquire the proper and necessary tools, and how to conduct the investigation and subsequent digital analysis. It is appropriate for students new to the field, or as a refresher and technology update for professionals in law enforcement, investigations, or computer security.

The book also features free downloads of the latest forensic software, so readers can become familiar with the tools of the trade.


Product Details:
Copyright 2009
ISBN 978-1435498839
Paperback, 708 pages
Thomson Publishing

Table of Contents:


Chapter 1: Computer Forensics and Investigations as a Profession

Chapter 2: Understanding Computer Investigations

Chapter 3: The Investigator's Office and Laboratory

Chapter 4: Data Acquisition

Chapter 5: Processing Crime and Incident Scenes

Chapter 6: Working with Windows and DOS Systems

Chapter 7: Current Computer Forensics Tools

Chapter 8: Macintosh and Linux Boot Processes and File Systems

Chapter 9: Computer Forensics Analysis and Validation

Chapter 10: Recovering Graphics Files

Chapter 11: Virtual Machines, Network Forensics, and Live Acquisitions

Chapter 12: E-mail Investigations

Chapter 13: Cell Phone and Mobile Device Forensics

Chapter 14: Report Writing for High-Tech Investigations

Chapter 15: Expert Testimony in High-Tech Investigations

Chapter 16: Ethics for the Expert Witness

Appendix A: Certification Test References

Appendix B: Computer Forensics References

Appendix C: Computer Forensics Lab Considerations

Appendix D: DOS File System and Forensics Tools