E-book: Building a Digital Forensic Laboratory: Establishing and Managing a Successful Facility

3.50/5 (12 ratings by Goodreads)
, (Director, Forensic Computing Ltd. London, UK)
  • Format: EPUB+DRM
  • Pub. Date: 19-Apr-2011
  • Publisher: Syngress
  • Language: eng
  • ISBN-13: 9780080949536
  • Price: 61,74 €*
  • * the price is final i.e. no additional discount will apply
  • This ebook is for personal use only. E-Books are non-refundable.

DRM restrictions

  • Copying (copy/paste): not allowed
  • Printing: not allowed
  • Usage:

    Digital Rights Management (DRM)
    The publisher has supplied this book in encrypted form, which means that you need to install free software in order to unlock and read it. To read this e-book you have to create an Adobe ID. The e-book can be read and downloaded on up to 6 devices (single user with the same Adobe ID).

    Required software
    To read this e-book on a mobile device (phone or tablet) you'll need to install this free app: PocketBook Reader (iOS / Android)

    To download and read this e-book on a PC or Mac you need Adobe Digital Editions (this is a free app specially developed for e-books; it's not the same as Adobe Reader, which you probably already have on your computer).

    You can't read this e-book with Amazon Kindle.

The need to professionally and successfully conduct computer forensic investigations of incidents and crimes has never been greater. This has caused an increased requirement for information about the creation and management of computer forensic laboratories and the investigations themselves. This includes a great need for information on how to cost-effectively establish and manage a computer forensics laboratory. This book meets that need: a clearly written, non-technical book on the topic of computer forensics with emphasis on the establishment and management of a computer forensics laboratory and its subsequent support to successfully conducting computer-related crime investigations.

* Provides guidance on creating and managing a computer forensics lab
* Covers the regulatory and legislative environment in the US and Europe
* Meets the needs of IT professionals and law enforcement as well as consultants

Reviews

"This book is designed to get at the heart of the matter." --Dave Kleiman, computer forensics expert and security software developer

More info

Fills the need of the growing number of IT and law enforcement professionals looking for information on digital forensics

Foreword
Preface
Acknowledgments
Section I Creating a Digital Forensics Laboratory
An Introduction to Digital Forensics
Introduction
Some History
Principles of Digital Forensics
Procedures
Phases of a Digital Forensic Investigation
Common Mistakes
Chain of Custody
Potential Sources of Evidence
The Digital Forensic Examiner
Types of Data
Forensic Readiness
Legal Aspects of Digital Forensics
Summary
Notes
Types of Digital Forensic Investigation
Introduction
Reasons for Conducting a Digital Forensic Investigation
The Role of the Computer in a Crime
Types of Devices and Systems that May Require Investigation
Issues to Be Considered When Dealing with a Single Computer
Issues to Be Considered When Dealing with a Networked Computer
Issues to Be Considered When Dealing with Handheld Devices
Live Forensics
Reasons for Conducting an Investigation
Criminal Investigations
Civil Litigation Investigations
Data Discovery
Data Recovery
Summary
Notes
Establishing and Managing a Digital Forensics Laboratory
Introduction
Establishing the Laboratory
The Role of the Laboratory
The Budget
Staff Considerations - Digital Forensics Laboratory Management
Staff Considerations - Staff Levels and Roles
Allocation of Duties
Staff Training and Experience
Staff and Laboratory Productivity
Counseling
Outsourcing Policies and the Use of External Experts
Accommodation Requirements
Other Issues to Consider in the Development of the Laboratory
An Example of a Digital Forensics Laboratory
Identification of the "Customer" Base
Prioritization of Cases
Quality Review Procedures
Standards
Equipment Testing
Equipment and Software
Equipment and Selection
Hardware
Software
Digital Forensics Software
Digital Storage
Crime Scene Equipment
Information Resources
Health and Safety
Data Retention and Storage Policy
The Reporting of Findings
Plans
Communications
Summary
Notes
Scoping the Requirement for the Laboratory
Introduction
Throughput
The "Job"
The Hardware and Software
Forensic Analysis Workstations
Disk Imaging Stations
Mobile Device Imaging Stations
Software
Evidence Storage
Archive Storage
Hardware Work Benches
Updates, Maintenance, Equipment Obsolescence, and Retirement
Summary
Developing the Business Plan
Introduction
The Business Plan
Summary
Note
Laboratory Location
Introduction
The Location of a Laboratory
Using Internal Zoning
Power Supply Controls
Cameras
Air Conditioning
Emissions Control
Fire Control
Insurance
Summary
Selecting the Staff
Introduction
Roles within the Laboratory
The Laboratory Manager
Digital Forensics Examiners/Analysts
Case Investigator/Managers
Laboratory Technicians
Staff Selection
Qualifications vs. Experience
Pre-Employment Screening
Background Checks
Security Clearances
Support for Staff
Ancillary and Contract Staff
Summary
Education and Training
Introduction
External Factors
Forensic Software
Training: The Good, the Bad, and the Ugly
Higher Education
Balance
Developing Specializations
Planning and Budgeting
Assessing Training and Competence
Outcome A-1
Assessing Competence
Protecting Your Investment
Summary
Notes
Legislation, Regulation, and Standards
Introduction
The Doctrine of Documentary Evidence
Prevailing Health and Safety Laws in the UK
The Health & Safety at Work Act 1974
The Management of Health & Safety at Work Regulations Act 1999
The Electricity at Work Regulations Act 1989
The Provision and Use of Work Equipment Regulations (PUWER) 1998
Summary
Notes
Section II Digital Forensic Incident and Crime Investigation Management
Responding to Crimes Requiring Digital Forensic Investigation
Introduction
Capabilities
Stand-Alone Devices
Wireless Device Issues
Health and Safety
Health and Safety Risk Assessments
Security Issues
Security Risk Assessment
Record Keeping
Summary
Management of the Collection of Evidence
Introduction
Collecting the Evidence
Designing the Collection System
Identification
Authority Verification and Validation
Archiving and Availability
Collection of Evidence
On-Site Triage
Evidence Transit
Evidence Receipt
Procedural Documentation
Conclusion
Management of Evidence Storage
Introduction
Management of Evidence Storage
Managing Electronic Evidence Storage
Electronic Evidence Management for Analysis
Movement of Electronic Evidence
Availability versus Viability
Archival Phase
Magnetic Tape
Optical Media: CD, DVD, BluRay
Large Disk Drive Clusters (RAID, NAS)
Management and Maintenance of the Archival Storage
Conclusions
Quality Assurance
Introduction
What is Assurance?
What is Quality?
QA in Digital Forensic Acquisition
QA of the Analysis Phase
QA for the Evidence Presentation
QA for Software
QA of Hardware
Process QA
QA of the Documentation
QA of Process Documentation
Case-based Documentation
Review Documentation
Conclusions
High Technology Crimes: Case Summaries
Introduction
High Technology Crime Cases
Operation Buccaneer
The Trojan Defense
Insufficient Evidence
Discrediting of Expert Witnesses
Police Accused of Negligence in Porn Case
Operation Avalanche
Operation Ore
Operation Cathedral
Operation Site-Key
Israeli Industrial Espionage
The Paul Grout Case
Not so Anonymous
Pornography Access
Unique Identification
Crunchy the Courier
The Disappearing Evidence
Summary
Notes
Section III Overview of the Digital Forensic Investigations Profession and Unit
Understanding the Role of the Digital Forensic Laboratory Manager
Introduction
The Laboratory Manager's Major Functions
Financial Management
Budgeting
Planning
Human Resources
Employee Hiring
Training
Performance Management
Professional Standards
Occupational Health and Safety
Case Management
Case Allocation
Analysis of Outcomes
Documentation
Facilities Management
Structures
Physical Infrastructure
Software and Hardware Facilities
Summary
The Digital Forensics Laboratory: Strategic, Tactical, and Annual Plans
Introduction
Relationship of the Business Plans
The Digital Forensic Laboratory Strategic Plan
The Digital Forensic Laboratory Strategic Plan Objective
Communication and Coordination of Digital Forensic Laboratory Strategic Plan
Planning Considerations for the Digital Forensic Laboratory Strategic Plan
Mapping the Digital Forensic Laboratory Strategic Plan to the Security Department's and Parent Organization's Strategic Business Plan
Writing the Digital Forensic Laboratory Strategic Plan
The Digital Forensic Laboratory Tactical Plan
Writing the Digital Forensic Laboratory Tactical Plan
The Digital Forensic Laboratory Annual Plan
Projects within the Digital Forensic Laboratory Annual Plan
Mapping the Digital Forensic Laboratory Annual Plan to the Security Department and the Overall Organization Annual Business Plan
Writing the Digital Forensic Laboratory Annual Plan
Mapping Digital Forensic Laboratory Strategic Plan, the Tactical Plan, and Annual Plan to Projects Using a Matrix
Summary
Networking, Liaison, and Sources of Information
Introduction
Knowledge and Skills
Networking
Liaison
Networking with Contracts inside the Organization
Networking outside the Organization
Maintaining the List of Contracts
Collecting and Storing Information
Other Sources of Information and Knowledge
Classifying the Reliability of Sources and the Accuracy of Their Information
Summary
Note
Computer Forensic Investigation Unit Metrics Management System
Introduction
The Metrics
Management Issues
The Quotation Process
The Imaging Process
The Analytical Process
Summary
Workload Management and the Outsourcing Option
Introduction
In-house Workload Management
Using Triage Techniques
In-house or Outsource?
A Definition of Outsourcing
The Advantages and Disadvantages of Carrying Out Tasks In-house
Pros
Cons
The Advantages and Disadvantages of Outsourcing Work from the Digital Forensic Laboratory
Pros
Cons
Analysis or Outsourcing Options
Initial Analysis
Detailed Analysis
Cost
Quality
Experience
Likelihood of Successful Outcome
Consequence of Failure
Final Decision on Outsourcing
Monitoring and Review
Summary
Note
Developing a Career in Digital Forensic Management
Introduction
What Does a Manager Do?
Characteristics of a Manager
Positioning Yourself for the Job
Once You Have the Job
Training
Leadership or Management?
Summary
A Summary of Thoughts, Issues, and Problems
Introduction
What Makes a Digital Forensic Laboratory Successful?
Are You Up for the Job of Digital Forensic Laboratory Manager?
What the Future Holds
Section IV Future Digital Forensic Investigation Challenges
The Future of Digital Forensics and Its Role in Criminal Investigations
Introduction
The Implication of Changes in Criminal Investigations
The Changing Face of Crime
The Changing Role of Digital Forensics
Summary
Notes
The Future of Digital Forensics in the Criminal Justice System
Introduction
What is Changing
What the Future Holds
Summary
Conclusions and Final Thoughts
Introduction
Management Challenges
Skills and Knowledge Areas
Personality Profile of a Manager
What the Future Holds
Appendix A Digital Forensic Resources
Introduction
Laboratory and Staff Certification Authorities
Certifications
Organizations
Digital Forensic Guidelines
Books
Journals
Forums and Blogs
Online Resources
Academic Resources
Appendix B Risk Assessment Template
Index
Dr. Andrew Jones is a digital forensic and information security researcher and academic and has developed several tools and processes for the efficient and effective recovery of data from a range of devices. He has also participated in and led a number of forensic investigations for criminal and civil cases.

Andrew has been involved in several information security projects for the Government Communications Electronic Security Group (CESG), the Office of the E-Envoy, the police and a defense contractor. He acted as the technical advisor for the then National Crime Squad Data Acquisition and Recovery Team, and he is currently on the committees for five information security and computer forensic conferences. He also sat on two working groups of the government's Central Sponsor for Information Assurance National Information Assurance Forum. He holds posts as an adjunct professor at Edith Cowan University in Perth, Australia and the University of South Australia in Adelaide.

He has authored six books in the areas of Information Warfare, Information Security and Digital Forensics, including co-authoring Digital Forensics Processing and Procedures, First Edition.