
Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition (Information Security)

Authors: Albert Marcella Jr., Doug Menendez
Publisher: Auerbach Publications
Category: Book

List Price: $77.95



Rating: 3.5 out of 5 stars 5 reviews
Sales Rank: 758556

Media: Hardcover
Edition: 2
Pages: 528
Number Of Items: 1
Shipping Weight (lbs): 2.4
Dimensions (in): 10.1 x 6.9 x 1.4

ISBN: 0849383285
Dewey Decimal Number: 363.25968
EAN: 9780849383281
ASIN: 0849383285

Publication Date: December 19, 2007
Availability: Usually ships in 1-2 business days

Also Available In:

  • Loose Leaf - Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition
  • Kindle Edition - Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes
  • Hardcover - Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition
  • Library Binding - Cyber Forensics

Editorial Reviews:

Product Description
Designed as an introduction and overview to the field, Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition integrates theory and practice to present the policies, procedures, methodologies, and legal ramifications and implications of a cyber forensic investigation. The authors guide you step-by-step through the basics of investigation and introduce the tools and procedures required to legally seize and forensically evaluate a suspect machine.

Updating and expanding information on concealment techniques, new technologies, hardware, software, and relevant new legislation, this second edition delineates the scope and goals of cyber forensics to reveal and track legal and illegal activity. Beginning with an introduction and definition of cyber forensics, chapters explain the rules of evidence and chain of custody in maintaining legally valid electronic evidence. They describe how to begin an investigation and employ investigative methodology, as well as establish standard operating procedures for the field and cyber forensic laboratory. The authors provide an in-depth examination of the manipulation of technology to conceal illegal activities and the use of cyber forensics to uncover them. They discuss topics and issues such as conducting a cyber forensic investigation within both the local and federal legal framework, and evaluating the current data security and integrity exposure of multifunctional devices.

Cyber Forensics includes details and tips on taking control of a suspect computer or PDA and its "operating" environment, mitigating potential exposures and risks to chain of custody, and establishing and following a flowchart for the seizure of electronic evidence. An extensive list of appendices includes websites, organizations, pertinent legislation, further readings, best practice recommendations, more information on hardware and software, and a recap of the federal rules of civil procedure.



Customer Reviews:
5 out of 5 stars Thorough and suitable for the experienced professional   April 13, 2002
Mike Tarrani (Deltona, FL USA)
30 out of 31 found this review helpful

This book is an excellent follow-on book to Computer Forensics: Incident Response Essentials by Kruse and Heiser, which introduces the fundamentals. This book goes much deeper and is more technical than the Kruse and Heiser book; therefore, the ideal audience is practicing professionals who have prior experience in forensics and a wide range of hardware, software and network knowledge.

Tools and techniques are presented in painstaking detail. I was unable to find a single gap or omission, which speaks highly of the editorial and review process behind this book's 464 pages. While most technical disciplines can dispense with finer details, the nature of forensics is to overlook nothing. If you find the step-by-step thoroughness boring, that is an indication that forensics may not be your forte; if you're an experienced professional, you'll appreciate the coverage of every technique or use of tools.

While the discussion of tools and techniques will satisfy even the most experienced practitioner, I found the detailed discussion of legal aspects, HR considerations and overall security and incident response processes to be the book's strongest points. This area is what sets forensics experts apart from technicians, and it is here that the book (in my opinion) adds the most value. Procedures ranging from how to properly gather, preserve and control evidence, to legal considerations for designing processes are covered in clear language, as are US and international legal guidelines.

Parts that I especially like include: intrusion management and profiling, up-to-date information on electronic commerce legal issues, the numerous checklists and cited resources, and the clearly delineated process for dealing with incidents.

If you're new to forensics you will probably get more from this book by first reading Computer Forensics: Incident Response Essentials by Kruse and Heiser. If, however, you have previous computer forensics experience or are currently serving in that role this book is probably one of the best investments you can make.


4 out of 5 stars Impressive collection of relevant information   June 19, 2009
Viken Derderian (Los Angeles, CA)
Cyber forensics is becoming a very interesting niche, and to keep up with Joe the bad guy or Jill the bad girl, one must keep up with technology, understand the reason why, and learn the optimum way to capture the relevant data after a suspicious activity compromises a business, entity or data. This book is a very good resource to do just that.
This is not a "for Dummies" or "introduction to" book. The author made sure the reader is aware of this in his Foreword: "This text will not make you a cyber forensics investigator or technician, if you are not one already!"
The reason I read this book was to use it as a tool to improve the procedures in my company's lab and understand the legal requirement as I collect evidence. I must say that Cyber Forensics 2nd Edition fulfilled that and more. I especially liked the immediate dive into the heart of what is important, from the definition, processes, legal issues to separation of audit from Cyber Forensics Investigations, and this is the first chapter. It only gets better; I found Chapter 6 especially helpful, used most of its content and created a template to baseline the readiness of my company's Lab to "American Society of Crime Laboratory Directors Laboratory Accreditation Board".
Although I agree with the author about EnCase's ridiculous pricing practice, I found the software review to be false. EnCase does support the collection of enterprise network devices, albeit it uses an agent to do so. I suggest that Chapter 2 be revised. I also did not like the author's "evaluation" of different tools and rating them; this fact almost stopped me from reading the rest of the book. I also had issues with Chapter 7. I suggest the 3rd edition of this book consider adding network acquisition of forensic evidence in the flowchart, also adding the legal and HR in the process flow (for corporate users), and change calling the role or the term IT Security officers to Information Security officers (smart companies are separating Infosec from IT). Also in the same chapter, I agree with the Incident response team to eradicate Virus infection, but the entire process should have been modeled after the NIST SP800-61 or a similar document; the author did a best effort but not a good one.
In conclusion, I like this book, including most of its useful Appendices.
Best Fishes and thank you for reading.



3 out of 5 stars DON'T BUY THIS 1ST (2002) EDITION! THERE IS A 2ND (2007) EDITION!   June 17, 2009
T. Albers (Consistently Lost, USA)
0 out of 1 found this review helpful

I didn't want to influence the overall rating of the book, so I gave it 3 stars. Can't give 2 1/2.

THIS IS THE 1ST EDITION PUBLISHED IN 2002!!!!!! THERE IS A NEW VERSION (PUBLISHED DECEMBER 2007) AVAILABLE!!!

I have notified Amazon of this and I am sure they will address it as soon as they can. However, I didn't want someone else to buy it and receive a different edition than what they expected. If you do want the 1st edition then go ahead and order away. But, if you want the 2nd edition, Amazon does sell it also.

Same title, Same authors, Same publisher, Different edition

[...]







3 out of 5 stars Historically Superb   June 29, 2002
J. Thomas (Colorado)
11 out of 20 found this review helpful

I was looking for a book that would teach me how to do things. I can find lots of information on the internet, but I wanted techniques collaborated in one book by a professional. What I found was a lot of legal background, and historical background. I am not starting a computer forensics firm, but I do want to be able to track down, if some sort of mishap occurs. This book provides low level information, like dissecting Netscape, and going through and showing you how to track someone's steps through Netscape Navigator. I wanted some more practical knowledge that I could use to fight spammers, or to show me how to deal with intrusions on my system. I was disappointed with this book, but I hope that you won't be.


2 out of 5 stars Inconsistent and repetitive   November 23, 2008
I. Sfiligoi
0 out of 1 found this review helpful

Although the book presents a wide breadth of computer forensics information, it is poorly written.

It repeats the same concepts over and over again, without adding much in the process.
Some sections are just condensed information from other sources.
Some pieces also seem inconsistent.

Lastly, the writing style is hard to follow, making for boring reading.


