CHAPTER 20 Computer Forensics

In this chapter, you will

Learn the rules and types of evidence
Review the collection of evidence
Study the preservation of evidence
Discover the importance of a viable chain of custody
Explore the steps to investigating a computer crime or policy violation

Computer forensics is certainly a popular buzzword in computer security. This chapter addresses the key aspects of computer forensics in preparation for the Security+ certification exam. It is not intended to be a legal tutorial regarding the presentation of evidence in a court of law. These principles are of value in conducting any investigative processes, including internal or external audit procedures, but many nuances of handling legal cases are far ...

Get CompTIA Security+ All-in-One Exam Guide (Exam SY0-301), 3rd Edition, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CompTIA Security+ All-in-One Exam Guide (Exam SY0-301), 3rd Edition, 3rd Edition by Gregory White, Wm. Arthur Conklin, Dwayne Williams, Roger Davis, Chuck Cothren

CHAPTER 20

Computer Forensics

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly