Investigative Computer Forensics: The Practical Guide for Lawyers, Accountants, Investigators, and Business Executives

Book Description

"Having worked with Erik on some of the most challenging computer forensic investigations during the early years of this industry's formation as well as having competed with him earnestly in the marketplace...I can truly say that Erik is one of the unique pioneers of computer forensic investigations. He not only can distill complex technical information into easily understandable concepts, but he always retained a long-term global perspective on the relevancy of our work and on the impact of the information revolution on the social and business structures of tomorrow."

—From the Foreword by James Gordon, Managing Director, Navigant Consulting, Inc.

Get the knowledge you need to make informed decisions throughout the computer forensic investigation process

Investigative Computer Forensics zeroes in on a real need felt by lawyers, jurists, accountants, administrators, senior managers, and business executives around the globe: to understand the forensic investigation landscape before having an immediate and dire need for the services of a forensic investigator.

Author Erik Laykin—leader and pioneer of computer forensic investigations—presents complex technical information in easily understandable concepts, covering:

  • A primer on computers and networks

  • Computer forensic fundamentals

  • Investigative fundamentals

  • Objectives and challenges in investigative computer forensics

  • E-discovery responsibilities

  • The future of computer forensic investigations

Get the knowledge you need to make tough decisions during an internal investigation or while engaging the capabilities of a computer forensic professional with the proven guidance found in Investigative Computer Forensics.

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Dedication
  5. Foreword
  6. Preface
  7. Acknowledgments
  8. Author's Note
  9. Introduction: Investigative Computer Forensics
    1. Changes in Technology
    2. Changes in the Role of the Investigator
    3. What Is Computer Forensics?
  10. Chapter 1: The Glue
    1. The Relevancy of Truth
    2. Foundations of Digital Evidence
    3. Investigative Objectives
    4. The Investigative Process
    5. Trust
    6. Privacy
  11. Chapter 2: A Primer on Computers and Networks
    1. The Mechanics of Electronically Stored Information
    2. Optical Drives
    3. The Server
    4. The Router
    5. Application Data
    6. Metadata
    7. Databases
    8. Internet Data
    9. E-mail Mechanics
    10. The IP Address
    11. Computer Time Artifacts
    12. Social Media
    13. Tablets
    14. Cellular Telephones and Smartphones
    15. Audio and Video
    16. The Global Nervous System: Worldwide Data
    17. Fundamentals of Network Traffic
    18. The Firewall
    19. Data- and Traffic-Gathering Applications
    20. Dynamic Data Capture
    21. The Cloud
    22. International Data Security and Privacy Issues
  12. Chapter 3: Computer Forensic Fundamentals
    1. The Establishment of the Computer Forensic Laboratory
    2. Evidence and Access Controls
    3. The Forensic Workstation
    4. Current Tools and Services
    5. Building a Team and a Process
    6. Computer Forensic Certifications
    7. The Human Quotient
    8. The Devil Is in the Details
  13. Chapter 4: Investigative Fundamentals
    1. The Investigative Mind-Set
    2. Case Management
    3. Fraud and Investigative Analysis
    4. Information Sources and Records
    5. Investigative Techniques
    6. Surveillance and Interviewing
    7. Trade Secret Theft and IP Investigations
    8. Human Resources and Interpersonal Investigations
    9. Reporting and Testifying
  14. Chapter 5: The Underpinnings of Investigative Computer Forensics
    1. Seizure and Examination of Digital Evidence
    2. Data Classification and Records Management
    3. Deleted Data
    4. Backups and Systems Preservation
    5. Computer Crime Analysis and Reconstruction
    6. The Who, What, Where, How of Data
    7. Contracts, Agreements, Third Parties, and Other Headaches
    8. Ethics and Management
  15. Chapter 6: Tactical Objectives and Challenges in Investigative Computer Forensics
    1. Preparing for the Attack
    2. Early Case Assessment
    3. Investigative Pacing, Timing, and Setting Expectations
    4. Working with Multinational Teams
    5. Collections of Electronic Data in the Cloud and in Social Media
    6. Investigating Internet Service Provider Records
    7. Bridging the Actual World with the Cyberworld
    8. Packaging the Findings
  16. Chapter 7: The Cyber-Firefighters
    1. Incident Response Fundamentals
    2. Data Breaches
    3. Theft and Fraud
    4. Systems Failures
    5. Internal Investigations
    6. The Real-Time Predicament
    7. Building a Global Resource Network
    8. Honeypots and Other Attractive Intel-Gathering Targets
    9. Databases and Structured Data
    10. Organized Crime in the Cyber-Underworld
    11. The Cyber-Underworld in Various Regions
    12. State-Sponsored Cybercrime
    13. Identity Theft
    14. Intellectual Property and Trade Secret Theft
    15. Botnets, Malware, Trojans, and Phishing
    16. Data Breach Vulnerabilities
    17. Hackers and Their Environment
  17. Chapter 8: E-Discovery Responsibilities
    1. Data Identification
    2. Electronic Discovery Reference Model
    3. E-Discovery Stages
    4. Common E-Discovery and Foreign Data Challenges
    5. Tools, Services, and Technologies
    6. Emerging E-Discovery Realities
    7. European and Asian Observations
    8. Digital Evidence in the Courtroom
  18. Chapter 9: The Future
    1. Privacy and the Data Ecosystem
    2. Access Controls and the Evolution of Trust
    3. Global Communications Systems in the Cloud
    4. Nanotechnology and Cognitive Computing
    5. Digital Demographics and the Emerging Global Citizen
    6. Extra-National Investigative Networks and the Information Union
    7. Zero Day Forensics
    8. Concluding Thoughts
  19. About the Author
  20. Index