The Virtual Bookcase for browsing and sharing reviews of books.

Book details of 'Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes'

Title: Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes
Author(s): Albert J. Marcella Jr, Robert S. Greenfield
Published: January 2002
Publisher: Auerbach Pub

Score: 2.0

The Virtual Bookcase Reviews of 'Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes':

Reviewer Rob Slade wrote:
The introduction to this book emphasizes the fact that this is a field manual, designed for quick reference, and not a textbook for study. Unfortunately, the authors seem to have taken this as licence to throw in all manner of random text and documents, without much structure or thought for the user.

Section one outlines the various aspects of cyber forensics, according to the book's definition. Chapter one is entitled "The Goal of the Forensic Investigation," but the actual contents offer both more and less than that. The chapter starts with a few possible specific investigations, and provides directions on initial questions to ask. When the material moves to more general discussion of investigations, it becomes vague, and loses utility. Non-liturgical investigation (one that is not expected to end up in court) is examined in chapter three, even though the text admits that the procedure should be the same whether you expect to end in court or not: just collect everything you can. The content is limited to Windows, and specifically to the use of Internet Explorer. Much the same, with a little additional material on the Registry and event log, is done with liturgical investigations in chapter three. A repetition of the same information about Internet Explorer cache and cookies is found in chapter four. Chapter five describes nmap, and its author, in some detail, and then lists a number of other UNIX utilities. The broadest possible interpretation of intrusion investigation is discussed in chapter six, and, again, the advice boils down to the importance of careful collection of all possible information. Chapter seven outlines rules of and considerations for evidence in US courts of law.

Section two expands on this last chapter, looking at US (and supposedly international) statutes. Chapter eight examines US law regarding the admissibility of evidence intercepted from communications or recovered from seized computers. Changes to the US National Information Infrastructure Protection Act, and an editorial stating that cybercrime is bad, are given in chapter nine. The preamble to, and some questions about, a draft of the Council of Europe Convention on Cybercrime, are reproduced in chapter ten. Chapter eleven contains random comments on privacy. US Presidential Decision Directive 63, calling for a plan for protection of information infrastructure, and a speech justifying the use of Carnivore are reprinted in chapter twelve. Chapter thirteen replicates an overview of US Public Law 106-229 on electronic signatures (E-SIGN) as well as a number of other pieces relating to electronic commerce. Legal considerations in providing the electronic systems mandated by the US government paperwork reduction act are discussed in chapter fourteen. Speeches and comments on the US government's attitude towards encryption are given in chapter fifteen. Chapter sixteen looks at various pieces of US legislation related to copyright.

Section three concerns tools for forensic investigation. Chapter seventeen discusses such tools in a very generic way, and then briefly lists a number of specific programs. There is a two page list of FBI office phone numbers in chapter eighteen, which is supposed to guide you in reporting Internet-related crime. Chapter nineteen is a simplistic four page list of questions to ask when conducting a computer audit.

This is definitely not a field manual. It offers almost no practical advice on collecting evidence from computers: if the material in this book is helpful to you, you have too little knowledge of the technology to have any business being engaged in computer forensics. The most valuable part of the book involves the collection of documents regarding US computer related legislation, but that would be of interest only to American lawyers. It would be difficult to recommend this work to anyone else. Even security personnel wanting a background on US federal legislation might be advised to look elsewhere, since the lack of structure and analysis in the book makes it very hard to read.

copyright Robert M. Slade, 2002


Book description:

Given our increasing dependency on computing technology in daily business processes, and the growing opportunity to use engineering technologies to engage in illegal, unauthorized, and unethical acts aimed at corporate infrastructure, every organization is at risk. Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes provides a comprehensive, highly usable, and clearly organized resource to the issues, tools, and control techniques needed to successfully investigate illegal activities perpetuated through the use of information technology.

Traditional forensics professionals use fingerprints, DNA typing, and ballistics analysis to make their case. Infosec professionals have to develop new tools for collecting, examining, and evaluating data in an effort to establish intent, culpability, motive, means, methods and loss resulting from e-crimes. The field bible for infosecurity professionals, this book introduces you to the broad field of cyber forensics and presents the various tools and techniques designed to maintain control over your organization. You will understand how to:

- Identify inappropriate uses of corporate IT
- Examine computing environments to identify and gather electronic evidence of wrongdoing
- Secure corporate systems from further misuse
- Identify individuals responsible for engaging in inappropriate acts taken with or without corporate computing systems
- Protect and secure electronic evidence from intentional or accidental modification or destruction

Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes provides a set of varied resources for anyone required to look under the hood and behind closed doors of a virtual world to gather evidence and to establish credible audit trails of electronic wrong doing. Knowing how to identify, gather, document, and preserve evidence of electronic tampering and misuse makes reading this book and using the forensic audit procedures it discusses essential to protecting corporate assets.


The Virtual Bookcase is created and maintained by Koos van den Hout.
Copyright © 2000-2020 Koos van den Hout / The Virtual Bookcase