Table of Contents for
System Forensics, Investigation, and Response, 3rd Edition


System Forensics, Investigation, and Response, 3rd Edition, by Chuck Easttom. Published by Jones & Bartlett Learning, 2017.
  1. Cover Page
  2. Contents
  3. System Forensics, Investigation, and Response
  4. Title Page
  5. Copyright Page
  6. Content
  7. Preface
  8. About the Author
  9. PART I Introduction to Forensics
  10. CHAPTER 1 Introduction to Forensics
  11. What Is Computer Forensics?
  12. Understanding the Field of Digital Forensics
  13. Knowledge Needed for Computer Forensics Analysis
  14. The Daubert Standard
  15. U.S. Laws Affecting Digital Forensics
  16. Federal Guidelines
  17. CHAPTER SUMMARY
  18. KEY CONCEPTS AND TERMS
  19. CHAPTER 1 ASSESSMENT
  20. CHAPTER 2 Overview of Computer Crime
  21. How Computer Crime Affects Forensics
  22. Identity Theft
  23. Hacking
  24. Cyberstalking and Harassment
  25. Fraud
  26. Non-Access Computer Crimes
  27. Cyberterrorism
  28. CHAPTER SUMMARY
  29. KEY CONCEPTS AND TERMS
  30. CHAPTER 2 ASSESSMENT
  31. CHAPTER 3 Forensic Methods and Labs
  32. Forensic Methodologies
  33. Formal Forensic Approaches
  34. Documentation of Methodologies and Findings
  35. Evidence-Handling Tasks
  36. How to Set Up a Forensic Lab
  37. Common Forensic Software Programs
  38. Forensic Certifications
  39. CHAPTER SUMMARY
  40. KEY CONCEPTS AND TERMS
  41. CHAPTER 3 ASSESSMENT
  42. PART II Technical Overview: System Forensics Tools, Techniques, and Methods
  43. CHAPTER 4 Collecting, Seizing, and Protecting Evidence
  44. Proper Procedure
  45. Handling Evidence
  46. Storage Formats
  47. Forensic Imaging
  48. RAID Acquisitions
  49. CHAPTER SUMMARY
  50. KEY CONCEPTS AND TERMS
  51. CHAPTER 4 ASSESSMENT
  52. CHAPTER LAB
  53. CHAPTER 5 Understanding Techniques for Hiding and Scrambling Information
  54. Steganography
  55. Encryption
  56. CHAPTER SUMMARY
  57. KEY CONCEPTS AND TERMS
  58. CHAPTER 5 ASSESSMENT
  59. CHAPTER 6 Recovering Data
  60. Undeleting Data
  61. Recovering Information from Damaged Media
  62. File Carving
  63. CHAPTER SUMMARY
  64. KEY CONCEPTS AND TERMS
  65. CHAPTER 6 ASSESSMENT
  66. CHAPTER 7 Email Forensics
  67. How Email Works
  68. Email Protocols
  69. Email Headers
  70. Tracing Email
  71. Email Server Forensics
  72. Email and the Law
  73. CHAPTER SUMMARY
  74. KEY CONCEPTS AND TERMS
  75. CHAPTER 7 ASSESSMENT
  76. CHAPTER 8 Windows Forensics
  77. Windows Details
  78. Volatile Data
  79. Windows Swap File
  80. Windows Logs
  81. Windows Directories
  82. Index.dat
  83. Windows Files and Permissions
  84. The Registry
  85. Volume Shadow Copy
  86. Memory Forensics
  87. CHAPTER SUMMARY
  88. KEY CONCEPTS AND TERMS
  89. CHAPTER 8 ASSESSMENT
  90. CHAPTER 9 Linux Forensics
  91. Linux and Forensics
  92. Linux Basics
  93. Linux File Systems
  94. Linux Logs
  95. Linux Directories
  96. Shell Commands for Forensics
  97. Kali Linux Forensics
  98. Forensics Tools for Linux
  99. CHAPTER SUMMARY
  100. KEY CONCEPTS AND TERMS
  101. CHAPTER 9 ASSESSMENT
  102. CHAPTER 10 Macintosh Forensics
  103. Mac Basics
  104. Macintosh Logs
  105. Directories
  106. Macintosh Forensic Techniques
  107. How to Examine a Mac
  108. Can You Undelete in Mac?
  109. CHAPTER SUMMARY
  110. KEY CONCEPTS AND TERMS
  111. CHAPTER 10 ASSESSMENT
  112. CHAPTER 11 Mobile Forensics
  113. Cellular Device Concepts
  114. What Evidence You Can Get from a Cell Phone
  115. Seizing Evidence from a Mobile Device
  116. JTAG
  117. CHAPTER SUMMARY
  118. KEY CONCEPTS AND TERMS
  119. CHAPTER 11 ASSESSMENT
  120. CHAPTER 12 Performing Network Analysis
  121. Network Packet Analysis
  122. Network Traffic Analysis
  123. Router Forensics
  124. Firewall Forensics
  125. CHAPTER SUMMARY
  126. KEY CONCEPTS AND TERMS
  127. CHAPTER 12 ASSESSMENT
  128. PART III Incident Response and Resources
  129. CHAPTER 13 Incident and Intrusion Response
  130. Disaster Recovery
  131. Preserving Evidence
  132. Adding Forensics to Incident Response
  133. CHAPTER SUMMARY
  134. KEY CONCEPTS AND TERMS
  135. CHAPTER 13 ASSESSMENT
  136. CHAPTER 14 Trends and Future Directions
  137. Technical Trends
  138. Legal and Procedural Trends
  139. CHAPTER SUMMARY
  140. KEY CONCEPTS AND TERMS
  141. CHAPTER 14 ASSESSMENT
  142. CHAPTER 15 System Forensics Resources
  143. Tools to Use
  144. Resources
  145. Laws
  146. CHAPTER SUMMARY
  147. KEY CONCEPTS AND TERMS
  148. CHAPTER 15 ASSESSMENT
  149. APPENDIX A Answer Key
  150. APPENDIX B Standard Acronyms
  151. Glossary of Key Terms
  152. References
  153. Index

APPENDIX B: Standard Acronyms

3DES Triple Data Encryption Standard
ACD automatic call distributor
AES Advanced Encryption Standard
ANSI American National Standards Institute
AP access point
API application programming interface
B2B business to business
B2C business to consumer
BBB Better Business Bureau
BCP business continuity planning
C2C consumer to consumer
CA certificate authority
CAP Certification and Accreditation Professional
CAUCE Coalition Against Unsolicited Commercial Email
CERT/CC CERT Coordination Center
CCNA Cisco Certified Network Associate
CERT Computer Emergency Response Team
CFE Certified Fraud Examiner
CISA Certified Information Systems Auditor
CISM Certified Information Security Manager
CISSP Certified Information Systems Security Professional
CMIP Common Management Information Protocol
COPPA Children’s Online Privacy Protection Act of 1998
CRC cyclic redundancy check
CSI Computer Security Institute
CTI Computer Telephony Integration
DBMS database management system
DDoS distributed denial of service
DES Data Encryption Standard
DMZ demilitarized zone
DoS denial of service
DPI deep packet inspection
DRP disaster recovery plan
DSL digital subscriber line
DSS Digital Signature Standard
DSU data service unit
EDI Electronic Data Interchange
EIDE Enhanced IDE
FACTA Fair and Accurate Credit Transactions Act
FAR false acceptance rate
FBI Federal Bureau of Investigation
FDIC Federal Deposit Insurance Corporation
FEP front-end processor
FRCP Federal Rules of Civil Procedure
FRR false rejection rate
FTC Federal Trade Commission
FTP File Transfer Protocol
GIAC Global Information Assurance Certification
GLBA Gramm-Leach-Bliley Act
HIDS host-based intrusion detection system
HIPAA Health Insurance Portability and Accountability Act
HIPS host-based intrusion prevention system
HTML Hypertext Markup Language
HTTP Hypertext Transfer Protocol
HTTPS HTTP over Secure Sockets Layer (SSL) or its successor, Transport Layer Security (TLS)
IAB Internet Architecture Board (formerly Internet Activities Board)
IDEA International Data Encryption Algorithm
IDPS intrusion detection and prevention system
IDS intrusion detection system
IEEE Institute of Electrical and Electronics Engineers
IETF Internet Engineering Task Force
InfoSec information security
IP Internet Protocol
IPS intrusion prevention system
IPSec IP Security
IRS Internal Revenue Service
(ISC)2 International Information System Security Certification Consortium
ISO International Organization for Standardization
ISP Internet service provider
ISS Internet security system
ITRC Identity Theft Resource Center
IVR interactive voice response
JTAG Joint Test Action Group
LAN local area network
MAN metropolitan area network
MD5 Message Digest 5
modem modulator demodulator
NFIC National Fraud Information Center
NIDS network intrusion detection system
NIPS network intrusion prevention system
NIST National Institute of Standards and Technology
NMS network management system
OS operating system
OSI Open Systems Interconnection
PBX private branch exchange
PCI Payment Card Industry
PGP Pretty Good Privacy
PKI public key infrastructure
RAID redundant array of independent disks
RFC request for comments
RSA Rivest, Shamir, and Adleman (algorithm)
SAN storage area network
SANCP Security Analyst Network Connection Profiler
SANS SysAdmin, Audit, Network, Security
SAP service access point
SCSI Small Computer System Interface
SET secure electronic transaction
SGC server-gated cryptography
SHA Secure Hash Algorithm
S-HTTP Secure HTTP
SLA service-level agreement
SMFA specific management functional area
SNMP Simple Network Management Protocol
SOX Sarbanes-Oxley Act of 2002 (also Sarbox)
SSA Social Security Administration
SSCP Systems Security Certified Practitioner
SSL Secure Sockets Layer
SSO single sign-on
STP shielded twisted pair (cable)
SWGDE Scientific Working Group on Digital Evidence
TCP/IP Transmission Control Protocol/Internet Protocol
TCSEC Trusted Computer System Evaluation Criteria
TFTP Trivial File Transfer Protocol
TNI Trusted Network Interpretation
UDP User Datagram Protocol
UPS uninterruptible power supply
UTP unshielded twisted pair (cable)
VLAN virtual local area network
VoIP Voice over Internet Protocol
VPN virtual private network
W3C World Wide Web Consortium
WAN wide area network
WLAN wireless local area network
WNIC wireless network interface card
WWW World Wide Web