Nelson Higher Education

Higher Education

Guide to Computer Forensics and Investigations, 5th Edition

  • includes DVD
  • Bill Nelson
  • Amelia Phillips
  • Christopher Steuart
  • ISBN-10: 1285060032
  • ISBN-13: 9781285060033
  • 752 Pages | Paperback
  • Previous Editions: 2010, 2008, 2006
  • COPYRIGHT: 2016 Published
Request a Copy for Review

Overview

About the Product

Updated with the latest advances from the field, GUIDE TO COMPUTER FORENSICS AND INVESTIGATIONS, Fifth Edition combines all-encompassing topic coverage, authoritative information from seasoned experts, powerful instructor resources, and real-world student applications-delivering the most comprehensive forensics resource available. This proven author team's wide ranging areas of expertise mirror the breadth of coverage provided in the text, which focuses on techniques and practices for gathering and analyzing evidence used to solve crimes involving computers. While other texts offer more of an overview of the field, this hands-on learning text provides clear instruction on the tools and techniques of the trade, introducing readers to every step of the computer forensics investigation-from lab set-up to testifying in court. It also details step-by-step guidance on how to use current forensics software and provides free demo downloads of popular tools like FTK Imager for use with Case Projects and Hands-On Projects-giving readers the opportunity to put their new skills into action.

Features

  • GUIDE TO COMPUTER FORENSICS AND INVESTIGATIONS explains how to use the most popular forensics tools.

  • Provides specific guidance on dealing with civil and criminal matters relating to the law and technology.

  • Includes discussions on how to manage a digital forensics operation in today’s business environment.

  • Review Questions, Hands-On Projects, and Case Projects that give readers the opportunity to practice skills they have learned.

  • Free software works with running case studies, giving readers the opportunity to test their new skills and tying the content to professional practice.

  • Videos of drive acquisitions and related activities for digital forensics are also included on the DVD.

  • Expansive artwork brings chapter concepts to life. For example, cutaway views of hard drives present a difficult concept like the anatomy of a disk in a way students can fully understand.

About the Author

Bill Nelson

Bill Nelson has worked for two global Fortune 100 companies in information technologies for more than 32 years, including 18-plus years in corporate digital forensics and information security. In addition, he has taught digital forensics classes at the City University of Seattle and the University of Washington's Professional and Continuing Education Department for 10 years. He also has experience in Automated Fingerprint Identification System software engineering and reserve police work. A former president and vice president for Computer Technology Investigators Northwest, he routinely lectures at several colleges and universities in the Pacific Northwest.

Amelia Phillips

Amelia Phillips is a tenured faculty member at Highline College in Seattle, Washington. After serving as an engineer at the Jet Propulsion Lab, she worked with e-commerce websites and began her training in computer forensics to prevent credit card numbers from being stolen from sensitive e-commerce databases. She designed certificate and AAS programs for community colleges in e-commerce, network security, computer forensics and data recovery. She designed the Bachelor of Applied Science in cybersecurity and forensics, which was approved in 2014. A Fulbright Scholar, she taught at Polytechnic of Namibia in 2005 and 2006 and continues her work with developing nations, traveling there frequently. She earned B.S. degrees in astronautical engineering and archaeology and an MBA in technology management from the Massachusetts Institute of Technology and an interdisciplinary Ph.D. in computer security from the University of Alaska, Fairbanks.

Christopher Steuart

Christopher K. Steuart is a practicing attorney maintaining a general litigation practice, with experience in information systems security for a Fortune 50 company and the U.S. Army. He is also an honorary life member and the former general counsel for Computer Technology Investigators Northwest. He has presented computer forensics seminars in regional and national forums, including the American Society for Industrial Security, Agora, Northwest Computer Technology Crime Analysis Seminar and CTIN.

Table of Contents

1. Understanding the Digital Forensics Profession and Investigations.
2. The Investigator’s Office and Laboratory.
3. Data Acquisition.
4. Processing Crime and Incident Scenes.
5. Working with Windows and CLI Systems.
6. Current Computer Forensics Tools.
7. Macintosh and Linux Boot Processes and File Systems.
8. Recovering Graphics Files.
9. Computer Forensics Analysis and Validation.
10. Virtual Machine and Cloud Forensics.
11. Live Acquisitions and Network Forensics.
12. Email investigations.
13. Cell Phone and Mobile Device Forensics.
14. Report Writing for High Tech Investigations.
15. Expert Testimony in High Tech Investigations.
16. Ethics for the Investigator and Expert Witness.
Appendix A Digital Forensics Test References.
Appendix B Digital Forensics References.
Appendix C Digital Forensics Lab Considerations.
Appendix D Digital Forensic Alternative Tools and Methods.

New to this edition

  • Master the skills needed to launch and conduct a successful digital investigation with the updated fifth edition of this popular book, Guide to Computer Forensics and Investigations: Processing Digital Evidence. This resource guides readers through conducting a high-tech investigation, from acquiring digital evidence to reporting its findings. Updated coverage includes new software and technologies as well as up-to-date reference sections, and content includes how to set up a forensics lab, how to acquire and evaluate the necessary tools, and how to conduct an investigation and subsequent digital analysis. This book features free downloads of the latest forensics software so that readers can become familiar with the tools of the trade.
  • New to This Edition: Updated coverage on Linux and Macintosh, Updated coverage on virtual machine software, such as VMware and Virtual Box, Updated coverage on Android, mobile devices, and handheld devices, Enhanced end-of-chapter exercises

Supplements

All supplements have been updated in coordination with the Main title.
Please see Main title page for new to this edition information.

Instructor Supplements

Lab Manual  (ISBN-10: 1285079086 | ISBN-13: 9781285079080)

The Laboratory Manual is a valuable tool designed to enhance your lab experience. Lab activities, objectives, materials lists, step-by-step procedures, illustrations, and review questions are commonly found in a Lab Manual.

LabConnection on DVD  (ISBN-10: 128506013X | ISBN-13: 9781285060132)

With powerful computer-based exercises, lab simulations and in-depth remediation capabilities, LabConnection® provides a uniquely integrated supplement to hands-on networking courses, and can be used both as a virtual lab and homework assignment tool. LabConnection supports Cengage Learning’s GUIDE TO COMPUTER FORENSICS AND INVESTIGATIONS, 5e offers remediation to the textbook. LabConnection is a system that enables exercises and labs to be embedded within the curriculum and instruction. The system includes one simulated lab session per chapter of the text, each containing five to seven interactive exercises and one to three end-to-end lab procedures. The standalone DVD version allows use of the simulation product without the necessity of online access. LabConnection is also available as online and institutional versions, with full learning management capabilities.

Online Instructor's Resource Guide  (ISBN-10: 1305086635 | ISBN-13: 9781305086630)

Everything you need for your course in one place! This collection of book-specific lecture and class tools is available online via www.cengage.com/login. Access and download the workbook answer keys.

Cengage Testing, powered by Cognero® Instant Access  (ISBN-10: 1285981006 | ISBN-13: 9781285981000)

Cengage Learning Testing Powered by Cognero is a flexible, online system that allows you to: author, edit, and manage test bank content from multiple Cengage Learning solutions create multiple test versions in an instant deliver tests from your LMS, your classroom or wherever you want Start right away! Cengage Learning Testing Powered by Cognero works on any operating system or browser. No special installs or downloads needed Create tests from school, home, the coffee shop – anywhere with Internet access What will you find? Simplicity at every step. A desktop-inspired interface features drop-down menus and familiar, intuitive tools that take you through content creation and management with ease. Full-featured test generator. Create ideal assessments with your choice of 15 question types (including true/false, multiple choice, opinion scale/likert, and essay). Multi-language support, an equation editor and unlimited metadata help ensure your tests are complete and compliant. Cross-compatible capability. Import and export content into other systems.

Cengage Testing, powered by Cognero®  (ISBN-10: 1285977874 | ISBN-13: 9781285977874)

Cengage Learning Testing Powered by Cognero is a flexible, online system that allows you to: author, edit, and manage test bank content from multiple Cengage Learning solutions create multiple test versions in an instant deliver tests from your LMS, your classroom or wherever you want Start right away! Cengage Learning Testing Powered by Cognero works on any operating system or browser. No special installs or downloads needed Create tests from school, home, the coffee shop – anywhere with Internet access What will you find? Simplicity at every step. A desktop-inspired interface features drop-down menus and familiar, intuitive tools that take you through content creation and management with ease. Full-featured test generator. Create ideal assessments with your choice of 15 question types (including true/false, multiple choice, opinion scale/likert, and essay). Multi-language support, an equation editor and unlimited metadata help ensure your tests are complete and compliant. Cross-compatible capability. Import and export content into other systems.

DVD  (ISBN-10: 1285060083 | ISBN-13: 9781285060088)
LMS Integrated LabConnection, 2 terms (12 months) Instant Access  (ISBN-10: 1305586646 | ISBN-13: 9781305586642)
LabConnection Guide, 2 terms (12 months) Instant Access  (ISBN-10: 1285060199 | ISBN-13: 9781285060194)

With powerful computer-based exercises, lab simulations and in-depth remediation capabilities, LabConnection® provides a uniquely integrated supplement to hands-on networking courses, and can be used both as a virtual lab and homework assignment tool. LabConnection supports Cengage Learning's GUIDE TO COMPUTER FORENSICS AND INVESTIGATIONS, 5e offers remediation to the textbook. LabConnection, by dti Publishing, is a system that enables exercises and labs to be embedded within the curriculum and instruction. The system includes one simulated lab session per chapter of the text, each containing five to seven interactive exercises and one to three end-to-end lab procedures.

Student Supplements

LabConnection on DVD  (ISBN-10: 128506013X | ISBN-13: 9781285060132)

LABCONNECTION ON DVD GUIDE TO COMPUTER FORENSICS AND INVESTIGATIONS has innovative hands-on-tool provides a simulated learning environment for those studying to be Information Security Technicians. The program consists of interactive exercises and end-to-end procedures.

DVD  (ISBN-10: 1285060083 | ISBN-13: 9781285060088)
LMS Integrated LabConnection, 2 terms (12 months) Instant Access  (ISBN-10: 1305586646 | ISBN-13: 9781305586642)
LabConnection Guide, 2 terms (12 months) Instant Access  (ISBN-10: 1285060199 | ISBN-13: 9781285060194)

With powerful computer-based exercises, lab simulations and in-depth remediation capabilities, LabConnection® provides a uniquely integrated supplement to hands-on networking courses, and can be used both as a virtual lab and homework assignment tool. LabConnection supports Cengage Learning's GUIDE TO COMPUTER FORENSICS AND INVESTIGATIONS, 5e offers remediation to the textbook. LabConnection, by dti Publishing, is a system that enables exercises and labs to be embedded within the curriculum and instruction. The system includes one simulated lab session per chapter of the text, each containing five to seven interactive exercises and one to three end-to-end lab procedures.

Guide to Computer Forensics and Investigations (Book Only)  (ISBN-10: 1285060202 | ISBN-13: 9781285060200)

Updated with the latest advances from the field, GUIDE TO COMPUTER FORENSICS AND INVESTIGATIONS, Fifth Edition combines all-encompassing topic coverage and authoritative information from seasoned experts to deliver the most comprehensive forensics resource available. This proven author team's wide ranging areas of expertise mirror the breadth of coverage provided in the book, which focuses on techniques and practices for gathering and analyzing evidence used to solve crimes involving computers. Providing clear instruction on the tools and techniques of the trade, it introduces readers to every step of the computer forensics investigation-from lab set-up to testifying in court. It also details step-by-step guidance on how to use current forensics software. Appropriate for learners new to the field, it is also an excellent refresher and technology update for professionals in law enforcement, investigations, or computer security.