From the Inside Flap
Cyber forensics: From Data to Digital Evidence
As a cyber forensic investigator, simply pressing buttons or ticking off options on forensic softwarewithout understanding what is happening behind the scenescreates a gaping hole in your company's infosecurity. Painting a broad picture of the field, Cyber Forensics provides you with the specific knowledge you need to not only find key data in forensic investigations but also speak confidently about the validity of the data identified, accessed, and analyzed as part of a comprehensive cyber forensic investigation.
Authors Albert Marcella and Frederic Guillossouboth forensic and IT specialistsbegin by explaining the origins of data. From there, the authors address concepts related to data storage, boot records, partitions, volumes, and file systems, and how each of these is interrelated and essential in a cyber forensic investigation. They then analyze the roles these concepts play in an investigation and what type of evidential data may be identified within each of these areas.
Providing a thorough foundation to this emerging field, this step-by-step reference covers:
Converting binary to decimal
The power of HEX
Forensics and encrypted files
Master Boot Record (MBR)
Volume versus Partition
FAT filing system limitations
New technology file system
Forensic Investigative Smart Practices
MS-DOS 32-bit time stamp: date and time
Characteristics of a good cyber forensic report
A cyber forensic process summary
Ronelle Sawyer and Jose McCarthytwo fictional charactersare used throughout the book to illuminate specific IT and cyber forensic concepts and discuss critical cyber forensic processes. Their activities and actions bring cyber forensic concepts to life by providing you with specific examples of the applications. Cyber Forensics also examines Endianness and timetwo important yet often overlooked topicsthat drastically impact almost every cyber-based investigation.
Progressing logically from data to digital evidence, Cyber Forensics provides you with the most comprehensive examination and discussion of the science of cyber forensic investigations, what is happening behind the scenes to data and why, what to look for, and where to find it, so you can conduct cyber forensic investigations with a better understanding of the technologies involved.
From the Back Cover
Praise For Cyber Forensics
"For novice and experienced examiners alike, this book is unlike many of its genre and actually keeps your interest from the first to the last page. The incorporation of an event necessitating an investigative effort, combined with an overview of the computer forensic methodology, is a must-read."
Detective Andy Hrenak, CFCE/A+/ACE/DFCB, Hazelwood Police Department, RCCEEG Forensic Examiner
"This book is a must-read for all practicing forensic professionals and students interested in gaining a deeper understanding of cyber forensics. The authors manage to explain cyber forensics in an unthreatening and understandable way! Good job, guys!"
Bruce Monahan, Chief Audit Executive, Selective Insurance Group, Inc.
"Marcella and Guillossou have created one of the most important resources for cyber forensic professionals available today. The need for understanding electronic data at its most basic level is critical to help ensure that a cyber forensic investigator or expert witness can confidently handle any legal cross-examination. If you want to gain the detailed knowledge of how 'bits' and 'bytes' of data become digital evidence, this book is for you!"
Doug Menendez, CISA, CIA, Audit Manager, Graybar Electric Company; coauthor, Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition
"This book is a solid foundation for anyone wishing to improve their forensic skills and provide stronger investigative and legal case support. The use of a fictitious case throughout the text to illustrate points and demonstrate process is very effective."
Jeff Lukins, Dynetics Technical Services, Inc.
"Cyber Forensics is the only book on computer forensics in which the authors take the bottom-up approachexplaining fundamentals of digital data storage and retrieval before discussing any forensic techniques. The book focuses more on the scientific concepts of computer forensics and less on the law-enforcement-related activities. This makes the book a perfect text for college-level computer science students."
Dr. Lydia Ray, Assistant Professor of Computer Science, Columbus State University
"The need for clear but detailed understanding is absolutely critical to effectively obtain and utilize digital data to any end, but especially for investigatory results. Messrs. Marcella and Guillossou have delivered on that need in their newest text, Cyber Forensics: From Data to Digital Evidence. This text will be added to my personal reference library immediately. Thank you, gentlemen, for your efforts and results for those of us that need this type of information."
Don Caniglia, CGEIT, CISA, CISM, FLMI, founder/CEO, ITRisk Management Services, LLC