Zum Hauptinhalt springen
Dekorationsartikel gehören nicht zum Leistungsumfang.
A Practical Guide to Digital Forensics Investigations
Taschenbuch von Darren Hayes
Sprache: Englisch

94,60 €*

inkl. MwSt.

Versandkostenfrei per Post / DHL

Lieferzeit 1-2 Wochen

Kategorien:
Beschreibung
Now extensively updated, this authoritative, intensely practical guide to digital forensics draws upon the author's wide-ranging experience in law enforcement, including his pioneering work as a forensics examiner in both criminal and civil investigations.
Writing for students and other readers at all levels of experience, Dr. Darren Hayes presents comprehensive, modern best practices for capturing and analyzing evidence, protecting the chain of custody, documenting investigations, and more -- all designed for application in actual crime scenes. In this edition, Hayes tightly aligns his coverage with widely-respected government curricula, including NSA Knowledge Units; and with key professional certifications such as AccessData Certified Examiner (ACE).
A Practical Guide to Digital Forensics Investigations, Second Edition presents more hands-on activities and case studies than any book of its kind, including short questions, essay questions, and discussion questions in every chapter. It addresses issues ranging from device hardware and software to law, privacy and ethics; scientific and government protocols to techniques for investigation and reporting.
Reflecting his deep specialized knowledge, this edition offers unsurpassed coverage of mobile forensics, including a full chapter on mobile apps. It also adds new discussions of capturing investigatory data from today's ubiquitous Internet of Things (IoT) devices; as well as digital forensics techniques for incident response and related cybersecurity tasks. Throughout, Hayes presents detailed chapters on crucial topics that competitive books gloss over, including Mac forensics and investigating child endangerment.
Now extensively updated, this authoritative, intensely practical guide to digital forensics draws upon the author's wide-ranging experience in law enforcement, including his pioneering work as a forensics examiner in both criminal and civil investigations.
Writing for students and other readers at all levels of experience, Dr. Darren Hayes presents comprehensive, modern best practices for capturing and analyzing evidence, protecting the chain of custody, documenting investigations, and more -- all designed for application in actual crime scenes. In this edition, Hayes tightly aligns his coverage with widely-respected government curricula, including NSA Knowledge Units; and with key professional certifications such as AccessData Certified Examiner (ACE).
A Practical Guide to Digital Forensics Investigations, Second Edition presents more hands-on activities and case studies than any book of its kind, including short questions, essay questions, and discussion questions in every chapter. It addresses issues ranging from device hardware and software to law, privacy and ethics; scientific and government protocols to techniques for investigation and reporting.
Reflecting his deep specialized knowledge, this edition offers unsurpassed coverage of mobile forensics, including a full chapter on mobile apps. It also adds new discussions of capturing investigatory data from today's ubiquitous Internet of Things (IoT) devices; as well as digital forensics techniques for incident response and related cybersecurity tasks. Throughout, Hayes presents detailed chapters on crucial topics that competitive books gloss over, including Mac forensics and investigating child endangerment.
Über den Autor
Dr. Darren R. Hayes is a leading expert in the field of digital forensics and computer security. He is the Director of Digital Forensics and Associate Professor at Pace University, and he has been named one of the Top 10 Computer Forensics Professors by Forensics Colleges. He was selected as the recipient of the 2020 Homeland Security Investigations New York Private Sector Partnership Award.
During his time at Pace University, Hayes developed a Digital Forensics track for the University's Bachelor of Science in Information Technology degree in addition to his development of digital forensics graduate courses. He also created, and now manages, the Pace University Digital Forensics Research Laboratory, where he devotes must of his time to working with a team of students to support the efforts of law enforcement and the University's students. As part of his research and promoting this scientific field of study, he has fostered relationships with the New York Police Department, New York County D.A., Westchester County D.A., Homeland Security Investigations, National Crime Agency and numerous other agencies.
Hayes is not only an academic, however--he is also a practitioner. He has been an investigator on both civil and criminal investigations and frequently consults on cases for law firms. In fact, he has been declared an expert witness in U.S. federal court.
In New York City, Hayes has been working with six to eight public high schools to develop a curriculum in computer forensics and cybersecurity. He collaborates on computer forensics projects internationally and served as an extern examiner for the MSc in the Forensic Computing and Cybercrime Investigation degree program at University College Dublin for four years.
Hayes has appeared on CNBC, Bloomberg Television, MSNBC and Fox News and been quoted by Associated Press, CNN, Wall Street Journal, The Guardian (UK), The Irish Independent, Japan Times, Investor's Business Daily, MarketWatch, Newsweek, SC Magazine, Silicon Valley Business Journal, USA Today, Washington Post, and Wired News. His op-eds have been published by Homeland Security Today, USA Today, and The Hill's Congress Blog. In addition, he has authored a number of peerreviewed articles in many prominent academic journals. Hayes has been both an author and reviewer for Pearson Prentice Hall since 2007
Inhaltsverzeichnis

Introduction xxxvii

Chapter 1: The Scope of Digital Forensics 2

Popular Myths about Computer Forensics.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Types of Digital Forensic Evidence Recovered.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

What Skills Must a Digital Forensics Investigator Possess?.. . . . . . . . . . . . . . . . . . . . 10

The Importance of Digital Forensics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Job Opportunities.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

A History of Digital Forensics.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Training and Education.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Chapter 2: Windows Operating and File Systems 34

Physical and Logical Storage.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Paging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

File Conversion and Numbering Formats.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Operating Systems.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Windows Registry.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Microsoft Office.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Microsoft Windows Features.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

Chapter 3: Handling Computer Hardware 92

Hard Disk Drives.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Cloning a PATA or SATA Hard Disk. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

Removable Memory. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

Reference.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Chapter 4: Acquiring Evidence in a Computer Forensics Lab 126

Lab Requirements.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

Private-Sector Computer Forensics Laboratories.. . . . . . . . . . . . . . . . . . . . . . . . . . . 130

Computer Forensics Laboratory Requirements.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

Extracting Evidence from a Device.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

Skimmers.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166

Steganography. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172

Chapter 5: Online Investigations 176

Working Undercover.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

Dark Web Investigations.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184

Virtual Currencies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Website Evidence.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Background Searches on a Suspect.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

Online Crime. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

Capturing Online Communications.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212

Edge Web Browser.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218

Chapter 6: Documenting the Investigation 224

Obtaining Evidence from a Service Provider.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224

Documenting a Crime Scene.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226

Seizing Evidence.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227

Documenting the Evidence.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

Using Tools to Document an Investigation.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234

Writing Reports.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236

Using Expert Witnesses at Trial.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246

Chapter 7: Admissibility of Digital Evidence 252

History and Structure of the United States Legal System.. . . . . . . . . . . . . . . . . . . . . 253

Evidence Admissibility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262

Constitutional Law.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262

When Computer Forensics Goes Wrong.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296

Structure of the Legal System in the European Union (E.U.).. . . . . . . . . . . . . . . . . . . 296

Privacy Legislation in Asia. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309

Chapter 8: Network Forensics and Incident Response 314

The Tools of the Trade.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315

Networking Devices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316

Understanding the OSI Model.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341

Introduction to VoIP.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346

Incident Response (IR).. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348

STIX, TAXII, and Cybox.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349

Advanced Persistent Threats.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ....

Details
Erscheinungsjahr: 2020
Fachbereich: Datenkommunikation, Netze & Mailboxen
Genre: Importe, Informatik
Rubrik: Naturwissenschaften & Technik
Medium: Taschenbuch
ISBN-13: 9780789759917
ISBN-10: 0789759918
Sprache: Englisch
Einband: Kartoniert / Broschiert
Autor: Hayes, Darren
Auflage: 2nd edition
Hersteller: Pearson Education
Verantwortliche Person für die EU: preigu, Ansas Meyer, Lengericher Landstr. 19, D-49078 Osnabrück, mail@preigu.de
Maße: 231 x 178 x 38 mm
Von/Mit: Darren Hayes
Erscheinungsdatum: 21.10.2020
Gewicht: 0,898 kg
Artikel-ID: 127528015
Über den Autor
Dr. Darren R. Hayes is a leading expert in the field of digital forensics and computer security. He is the Director of Digital Forensics and Associate Professor at Pace University, and he has been named one of the Top 10 Computer Forensics Professors by Forensics Colleges. He was selected as the recipient of the 2020 Homeland Security Investigations New York Private Sector Partnership Award.
During his time at Pace University, Hayes developed a Digital Forensics track for the University's Bachelor of Science in Information Technology degree in addition to his development of digital forensics graduate courses. He also created, and now manages, the Pace University Digital Forensics Research Laboratory, where he devotes must of his time to working with a team of students to support the efforts of law enforcement and the University's students. As part of his research and promoting this scientific field of study, he has fostered relationships with the New York Police Department, New York County D.A., Westchester County D.A., Homeland Security Investigations, National Crime Agency and numerous other agencies.
Hayes is not only an academic, however--he is also a practitioner. He has been an investigator on both civil and criminal investigations and frequently consults on cases for law firms. In fact, he has been declared an expert witness in U.S. federal court.
In New York City, Hayes has been working with six to eight public high schools to develop a curriculum in computer forensics and cybersecurity. He collaborates on computer forensics projects internationally and served as an extern examiner for the MSc in the Forensic Computing and Cybercrime Investigation degree program at University College Dublin for four years.
Hayes has appeared on CNBC, Bloomberg Television, MSNBC and Fox News and been quoted by Associated Press, CNN, Wall Street Journal, The Guardian (UK), The Irish Independent, Japan Times, Investor's Business Daily, MarketWatch, Newsweek, SC Magazine, Silicon Valley Business Journal, USA Today, Washington Post, and Wired News. His op-eds have been published by Homeland Security Today, USA Today, and The Hill's Congress Blog. In addition, he has authored a number of peerreviewed articles in many prominent academic journals. Hayes has been both an author and reviewer for Pearson Prentice Hall since 2007
Inhaltsverzeichnis

Introduction xxxvii

Chapter 1: The Scope of Digital Forensics 2

Popular Myths about Computer Forensics.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Types of Digital Forensic Evidence Recovered.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

What Skills Must a Digital Forensics Investigator Possess?.. . . . . . . . . . . . . . . . . . . . 10

The Importance of Digital Forensics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Job Opportunities.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

A History of Digital Forensics.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Training and Education.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Chapter 2: Windows Operating and File Systems 34

Physical and Logical Storage.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Paging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

File Conversion and Numbering Formats.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Operating Systems.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Windows Registry.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Microsoft Office.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Microsoft Windows Features.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

Chapter 3: Handling Computer Hardware 92

Hard Disk Drives.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Cloning a PATA or SATA Hard Disk. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

Removable Memory. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

Reference.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Chapter 4: Acquiring Evidence in a Computer Forensics Lab 126

Lab Requirements.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

Private-Sector Computer Forensics Laboratories.. . . . . . . . . . . . . . . . . . . . . . . . . . . 130

Computer Forensics Laboratory Requirements.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

Extracting Evidence from a Device.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

Skimmers.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166

Steganography. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172

Chapter 5: Online Investigations 176

Working Undercover.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

Dark Web Investigations.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184

Virtual Currencies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Website Evidence.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Background Searches on a Suspect.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

Online Crime. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

Capturing Online Communications.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212

Edge Web Browser.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218

Chapter 6: Documenting the Investigation 224

Obtaining Evidence from a Service Provider.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224

Documenting a Crime Scene.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226

Seizing Evidence.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227

Documenting the Evidence.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

Using Tools to Document an Investigation.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234

Writing Reports.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236

Using Expert Witnesses at Trial.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246

Chapter 7: Admissibility of Digital Evidence 252

History and Structure of the United States Legal System.. . . . . . . . . . . . . . . . . . . . . 253

Evidence Admissibility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262

Constitutional Law.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262

When Computer Forensics Goes Wrong.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296

Structure of the Legal System in the European Union (E.U.).. . . . . . . . . . . . . . . . . . . 296

Privacy Legislation in Asia. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303

Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305

Key Terms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306

Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309

Chapter 8: Network Forensics and Incident Response 314

The Tools of the Trade.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315

Networking Devices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316

Understanding the OSI Model.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341

Introduction to VoIP.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346

Incident Response (IR).. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348

STIX, TAXII, and Cybox.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349

Advanced Persistent Threats.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ....

Details
Erscheinungsjahr: 2020
Fachbereich: Datenkommunikation, Netze & Mailboxen
Genre: Importe, Informatik
Rubrik: Naturwissenschaften & Technik
Medium: Taschenbuch
ISBN-13: 9780789759917
ISBN-10: 0789759918
Sprache: Englisch
Einband: Kartoniert / Broschiert
Autor: Hayes, Darren
Auflage: 2nd edition
Hersteller: Pearson Education
Verantwortliche Person für die EU: preigu, Ansas Meyer, Lengericher Landstr. 19, D-49078 Osnabrück, mail@preigu.de
Maße: 231 x 178 x 38 mm
Von/Mit: Darren Hayes
Erscheinungsdatum: 21.10.2020
Gewicht: 0,898 kg
Artikel-ID: 127528015
Sicherheitshinweis