Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
This book contains information obtained from authentic and highly regarded sources. Reprinted material is quoted with permission, and sources are indicated. A wide variety of references are listed. Reasonable efforts have been made to publish reliable data and information, but the authors and the publisher cannot assume responsibility for the validity of all materials or for the consequences of their use. Neither this book nor any part may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, microfilming, and recording, or by any information storage or retrieval system, without prior permission in writing from the publisher | CYBER FORENSICS A Field Manual for Collecting Examining and Preserving Evidence of Computer Crimes Albert J. Marcella Robert S. Greenfield Cyber Forensics Table of Contents Cyber Forensics A Field Manual for Collecting Examining and Preserving Evidence of Computer Crimes.1 Disclaimer.6 Introduction.7 Background.8 Dimensions of the Problem.9 Computer Forensics.10 Works Cited.11 Section I Cyber Forensics.13 Chapter List.13 .13 Chapter 1 The Goal of the Forensic Investigation.14 Overview.14 Why Investigate.14 Internet Exceeds Norm.14 Inappropriate E-mail.16 Non-Work-Related Usage of Company Resources.17 Theft of Information.18 Violation of Security Parameters.18 Intellectual Property Infraction.19 Electronic Tampering.20 Establishing a Basis or Justification to Investigate.21 Determine the Impact of Incident.22 Who to Call Contact.24 If You Are the Auditor Investigator.24 Resources.25 Authority.25 Obligations Goals.25 Reporting Hierarchy.25 Escalation Procedures.25 Time Frame.26 Procedures.26 Precedence.26 Independence.26 Chapter 2 How to Begin a Non-Liturgical Forensic Examination.27 Overview.27 Isolation of Equipment.27 Cookies.29 Bookmarks.31 History Buffer.32 Cache.34 Temporary Internet Files.35 Tracking of Logon Duration and Times.35 Recent Documents List.36 Tracking of Illicit Software Installation and Use.37 i Table of Contents Chapter 2 How to Begin a Non-Liturgical Forensic Examination The System Review.38 The Manual Review.41 Hidden Files.42 How to Correlate the Evidence.43 Works Cited.44 Chapter 3 The Liturgical Forensic Examination Tracing Activity on a Windows-Based Desktop.45 Gathering Evidence For Prosecution Purposes.45 Gathering Evidence Without Intent to Prosecute.45 The Microsoft Windows-Based Computer.46 General Guidelines To Follow.48 Cookies.50 Bookmarks Favorites.53 Internet Explorer s History Buffer.54 Temporary Storage on the Hard Drive.55 Temporary Internet Files.56 System Registry.57 Enabling and Using Auditing via the Windows Operating .
