Handbook of Computer Crime Investigation: Forensic Tools and TechnologyEoghan Casey Elsevier, 2001. gada 22. okt. - 448 lappuses Following on the success of his introductory text, Digital Evidence and Computer Crime, Eoghan Casey brings together a few top experts to create the first detailed guide for professionals who are already familiar with digital evidence. The Handbook of Computer Crime Investigation helps readers master the forensic analysis of computer systems with a three-part approach covering tools, technology, and case studies. The Tools section provides the details on leading software programs, with each chapter written by that product's creator. The section ends with an objective comparison of the strengths and limitations of each tool. The main Technology section provides the technical "how to" information for collecting and analyzing digital evidence in common situations, starting with computers, moving on to networks, and culminating with embedded systems. The Case Examples section gives readers a sense of the technical, legal, and practical challenges that arise in real computer investigations.
|
No grāmatas satura
1.–5. rezultāts no 92.
... Figure 3.1, consists of three basic parts – the file header, the checksums and the data blocks – that all work together to provide a secure and self-checking 'exact snapshot' of the computer disk at the time of acquisition. The EnCase ...
... Figure 3.2. It is impossible for EnCase to write to the Evidence File once it is created. As with any file, it is possible to Figure 3.2 Chain of custody information is documented in an THE ENCASE PROCESS 55.
Forensic Tools and Technology Eoghan Casey. Figure 3.2 Chain of custody information is documented in an automatically ... Figure 3.2). The Case Info file header is also authenticated. CRC AND MD5 HASH VALUE STORAGE AND CASE INFORMATION ...
Forensic Tools and Technology Eoghan Casey. Figure 3.2). The Case Info file header is also authenticated with a separate CRC, making it impossible to alter without registering a verification error. ACQUISITION METHODOLOGIES EnCase ...
... (Figure 3.3). EnCase can view most file systems, including FAT 12, 16, 32, NTFS (including Win2000), Macintosh (MFS, HFS, HFS+), Linux (EXT2), and Unix (Sun Solaris, Open BSD and other flavors). CD and DVD-ROM file systems are also ...
Saturs
1 | |
17 | |
53 | |
TECHNOLOGY | 133 |
CASE EXAMPLES | 361 |
APPENDIX 1 | 415 |
APPENDIX 2 | 419 |
APPENDIX 3 | 425 |
APPENDIX 4 | 433 |
APPENDIX 5 | 435 |
AUTHOR INDEX | 437 |
SUBJECT INDEX | 439 |
Citi izdevumi - Skatīt visu
Handbook of Computer Crime Investigation: Forensic Tools and Technology Eoghan Casey Priekšskatījums nav pieejams - 2002 |
Bieži izmantoti vārdi un frāzes
Populāri fragmenti
Atsauces uz šo grāmatu
Criminal Profiling: An Introduction to Behavioral Evidence Analysis Brent E. Turvey Ierobežota priekšskatīšana - 2002 |