"Provides the right mix of practical how-to knowledge in a straightforward, informative fashion that ties all the complex pieces together with real-world case studies. ...Delivers the most valuable insight on the market. The authors cut to the chase of what people must understand to effectively perform computer forensic investigations." --Brian H. Karney, COO, AccessData Corporation
The latest strategies for investigating cyber-crime
Identify and investigate computer criminals of all stripes with help from this fully updated, real-world resource. Hacking Exposed Computer Forensics, Second Edition explains how to construct a high-tech forensic lab, collect prosecutable evidence, discover e-mail and system file clues, track wireless activity, and recover obscured documents. Learn how to re-create an attacker's footsteps, communicate with counsel, prepare court-ready reports, and work through legal and organizational challenges. Case studies straight from today's headlines cover IP theft, mortgage fraud, employee misconduct, securities fraud, embezzlement, organized crime, and consumer fraud cases.
Effectively uncover, capture, and prepare evidence for investigation
Store and process collected data in a highly secure digital forensic lab
Restore deleted documents, partitions, user activities, and file systems
Analyze evidence gathered from Windows, Linux, and Macintosh systems
Use the latest Web and client-based e-mail tools to extract relevant artifacts
Overcome the hacker's anti-forensic, encryption, and obscurity techniques
Unlock clues stored in cell phones, PDAs, and Windows Mobile devices
Prepare legal documents that will hold up to judicial and defense scrutiny
Aaron Philipp is a managing consultant in the Disputes and Investigations practice at Navigant Consulting, which assists domestic and global corporations and their counsel who face complex and risky legal challenges.
David Cowen, CISSP, is a partner at G-C Partners, LLC, where he provides expert witness services and consulting to Fortune 500 companies nationwide.
Chris Davis, CISA, CISSP, is an information security and computer forensics author, trainer, and presenter.