Cyber Forensics: A Field Manual for Collecting, Examining and Preserving Evidence of Computer Crimes



Designed as an introduction and overview to the field, "Cyber Forensics: A Field Manual for Collecting, Examining and Preserving Evidence of Computer Crimes, Second Edition" integrates theory and practice to present the policies, procedures, methodologies and legal implications of a cyber forensic investigation. The authors guide you step-by-step through the basics of investigation and introduce tools and procedures required to legally seize and forensically evaluate a suspect machine. 

Evaluating the relationship to and dependency of investigation on technology and the legal legislative process, "Cyber Forensics": 

  • Updates and expands information on concealment techniques, new technologies, hardware, software and relevant new legislation
  • Details scope of cyber forensics to reveal and track legal and illegal activity
  • Describes how to begin an investigation and employ investigative methodology
  • Explains rules of evidence and chain of custody within both the local and federal legal framework
  • Provides tips on mitigating potential exposures and risks to chain of custody
  • Discusses standard operating procedures for cyber forensics investigations in the field and laboratory
  • Evaluates the current data security and integrity exposure of multifunctional devices
  • Establishes a flow chart for the seizure of electronic evidence including computers and their operating environment as well as PDAs

An extensive list of appendices provides valuable “hands-on” information including websites, organizations, pertinent legislation, further readings, best practice recommendations, more information on hardware and software, and a recap of the federal rules of civil procedure. 

Product Details

ISBN 978-0-849-38328-1
Hardcover, 498 PAGES

Table of Contents:

  • Chapter 1: Introduction
  • Chapter 2: Cyber Forensic Tools and Utilities
  • Chapter 3: Concealment Techniques
  • Chapter 4: Hardware: Model System Platforms
  • Chapter 5: Software: Operating Systems, Network Traffic, and Applications
  • Chapter 6: Standard Operating Procedures: Digital Forensic Laboratory Accreditation Standards
  • Chapter 7: Performing a Cyber Forensic Investigation: Flowchart for the Seizure of Electronic Evidence and Associated Internal Control Questionnaires
  • Chapter 8: Privacy and Cyber Forensics: An Australian Perspective
  • Chapter 9: Forensic Black Bag
  • Chapter 10: Digital Multifunctional Devices: Forensic Value and Corporate Exposure
  • Chapter 11: Cyber Forensics and the Law: Legal Considerations
  • Chapter 12: Cyber Forensics and the Changing Face of Investigating Criminal Behavior
  • Chapter 13: Electronically Stored Information and Cyber Forensics
  • Chapter 14: Cyber Forensic Awareness: Management Survey