Book Image

Practical Digital Forensics

By : Richard Boddington
Book Image

Practical Digital Forensics

By: Richard Boddington

Overview of this book

Digital Forensics is a methodology which includes using various tools, techniques, and programming language. This book will get you started with digital forensics and then follow on to preparing investigation plan and preparing toolkit for investigation. In this book you will explore new and promising forensic processes and tools based on ‘disruptive technology’ that offer experienced and budding practitioners the means to regain control of their caseloads. During the course of the book, you will get to know about the technical side of digital forensics and various tools that are needed to perform digital forensics. This book will begin with giving a quick insight into the nature of digital evidence, where it is located and how it can be recovered and forensically examined to assist investigators. This book will take you through a series of chapters that look at the nature and circumstances of digital forensic examinations and explains the processes of evidence recovery and preservation from a range of digital devices, including mobile phones, and other media. This book has a range of case studies and simulations will allow you to apply the knowledge of the theory gained to real-life situations. By the end of this book you will have gained a sound insight into digital forensics and its key components.
Table of Contents (18 chapters)
Practical Digital Forensics
Credits
About the Author
Acknowledgment
About the Reviewer
www.PacktPub.com
Preface
Index

Contingency planning


Strategic business management identifies assets at risk and anticipates the threats to them. Prudent organizations predict the risk and set up processes to mitigate the threat in advance or better manage the consequences after a security breach. An organization's IT team is often engaged in profiling the threat to electronic information and implementing threat minimization and management processes. Their primary role is to restore the functionality of electronic resources and networks after security breaches, including physical and personnel security.

Management and IT personnel are increasingly involved in investigating breaches of security, crime incidents, and personnel misconduct, as presented in the case study in Chapter 9, Validating the Evidence, yet they seldom possess the experience and wherewithal to preserve and recover evidence.

Difficulties confront business managers and non-forensic practitioners, who are often the unwitting custodians of digital evidence...