Investigative computer forensics is playing an increasingly important role in the resolution of challenges, disputes, and conflicts of every kind and in every corner of the world. Yet, for many, there is still great apprehension when contemplating leveraging these emerging technologies, preventing them from making the most of investigative computer forensics and its extraordinary potential to dissect everything from common crime to sophisticated corporate fraud. Empowering you to make tough and informed decisions during an internal investigation, electronic discovery exercise, or while engaging the capabilities of a computer forensic professional, Investigative Computer Forensics explains the investigative computer forensic process in layman's terms that users of these services can easily digest. Computer forensic/e-discovery expert and cybercrime investigator Erik Laykin provides readers with a cross section of information gleaned from his broad experience, covering diverse areas of knowledge and proficiency from the basics of preserving and collecting evidence through to an examination of some of the future shaping trends that these technologies are having on society. 
Investigative Computer Forensics takes you step by step through:
* Issues that are present-day drivers behind the converging worlds of business, technology, law, and fraud
* Computers and networks--a primer on how they work and what they are
* Computer forensic basics, including chain of custody and evidence handling
* Investigative issues to know about before hiring a forensic investigator
* Managing forensics in electronic discovery
* How cyber-firefighters defend against cybercrime and other malicious online activity
* Emerging standards of care in the handling of electronic evidence
* Trends and issues affecting the future of the information revolution and society as a whole

Thoroughly researched and practical, Investigative Computer Forensics helps you--whether attorney, judge, businessperson, or accountant--prepare for the forensic computer investigative process, with a plain-English look at the complex terms, issues, and risks associated with managing electronic data in investigations and discovery.

Note: This item can only be delivered to a German shipping address.
ERIK LAYKIN, CHFI, CEDS, is a Managing Director of Duff & Phelps, LLC and was a cofounder of its Global Electronic Discovery and Investigations practice. He focuses on large-scale international corporate investigations and high-stakes litigation issues in which computer forensics and electronic discovery play a major role. Mr. Laykin is frequently appointed as an expert witness, independent neutral, or special master in federal and state courts and has served in an advisory capacity to hundreds of corporations, law firms, and government agencies in the U.S., Asia, and Europe. As an early pioneer in the computer forensics and cybercrime field, he regularly comments on these emerging technology and business issues at industry conferences and for the media, including CNN, Fox, ABC, NBC, CBS, major newspapers, and periodicals. Mr. Laykin is active in a variety of organizations including the HTCIA (High Technology Crime Investigation Association), FEWA (Forensic Expert Witness Association), ABA (American Bar Association), and is a past president (Los Angeles) and Pacific Rim director of the FBI's InfraGard Program.
Table of Contents
Foreword
Preface
Acknowledgments
Author's Note

Introduction: Investigative Computer Forensics
* Changes in Technology
* Changes in the Role of the Investigator
* What is Computer Forensics?

Chapter 1: The Glue
* The Relevancy of Truth
* Foundations of Digital Evidence
* Investigative Objectives
* The Investigative Process
* Trust
* Privacy

Chapter 2: A Primer on Computers and Networks
* The Mechanics of Electronically Stored Information
* Optical Drives
* The Server
* The Router
* Application Data
* Metadata
* Databases
* E-mail Mechanics
* The IP Address
* Computer Time Artifacts
* Social Media
* Tablets
* Cellular Telephones and Smartphones
* Audio and Video
* The Global Nervous System: Worldwide Data
* Fundamentals of Network Traffic
* The Firewall
* Data- and Traffic-Gathering Applications
* Dynamic Data Capture
* The Cloud
* International Data Security and Privacy Issues

Chapter 3: Computer Forensic Fundamentals
* The Establishment of the Computer Forensic Laboratory
* Evidence and Access Controls
* The Forensic Workstation
* Current Tools and Services
* Building a Team and a Process
* Computer Forensic Certifications
* The Human Quotient
* The Devil is in the Details

Chapter 4: Investigative Fundamentals
* The Investigative Mind-Set
* Case Management
* Fraud and Investigative Analysis
* Information Sources and Records
* Investigative Techniques
* Surveillance and Interviewing
* Trade Secret Theft and IP Investigations
* Human Resources and Interpersonal Investigations
* Reporting and Testifying

Chapter 5: The Underpinnings of Investigative Computer Forensics
* Seizure and Examination of Digital Evidence
* Data Classification and Records Management
* Deleted Data
* Backups and Systems Preservation
* Computer Crime Analysis and Reconstruction
* The Who, What, Where, How of Data
* Contracts Agreements, Third Parties, and Other Headaches
* Ethics and Management

Chapter 6: Tactical Objectives and Challenges in Investigative Computer Forensics
* Preparing for the Attack
* Early Case Assessment
* Investigative Pacing, Timing, and Setting Expectations
* Working with Multinational Teams
* Collections of Electronic Data in the Cloud and in Social Media
* Investigating Internet Service Provider Records
* Bridging the Actual World with the Cyberworld
* Packaging the Findings

Chapter 7: The Cyber-Firefighters
* Incident Response Fundamentals
* Data Breaches
* Theft and Fraud
* Systems Failures
* Internal Investigations
* The Real-Time Predicament
* Building a Global Resource Network
* Honeypots and Other Attractive Intel-Gathering Targets
* Databases and Structured Data
* Organized Crime in the Cyber-Underworld
* The Cyber-Underworld in Various Regions
* State-Sponsored Cybercrime
* Identity Theft
* Intellectual Property and Trade Secret Theft
* Botnets, Malware, Trojans, and Phishing
* Data Breach Vulnerabilities
* Hackers and Their Environment

Chapter 8: E-Discovery Responsibilities
* Data Identification
* Electronic Discovery Reference Model
* E-Discovery Stages
* Common E-Discovery and Foreign Data Challenges
* Tools, Services, and Technologies
* Emerging E-Discovery Realities
* European and Asian Observations
* Digital Evidence in the Courtroom

Chapter 9: The Future
* Privacy and the Data Ecosystem
* Access Controls and the Evolution of Trust
* Global Communications Systems in the Cloud
* Nanotechnology and Cognitive Computing
* Digital Demographics and the Emerging Global Citizen
* Extra-National Investigative Networks and the Information Union
* Zero Day Forensics
* Concluding Thoughts

About the Author
Index