Cyber Forensics A Field Manual for Collecting, Examining and Preserving Evidence of Computer Crimes

Cyber Forensics

A Field Manual for Collecting, Examining and Preserving Evidence of Computer Crimes

By Albert J. Marcella, Jr. and Doug Menendez

The first thing you will notice about this book is the disclaimer;

This text will not make you a cyber forensics investigator or technician, if you are not one already!

However the authors will provide you with an introduction and overview to the subject which is what most auditors will appreciate. The skills required to perform a cyber forensics investigation are beyond the scope of most auditors duties however this book will help you to understand and contract for the individuals with these specialized skills.

The book starts as most books of this nature with an introduction to the subject along with a history of computer crimes and legislation. There is a handy table that contrasts auditing versus cyber forensic investigations. Next comes a description of the different tools available along with vendor information, cost and Internet URL. Concealment techniques and more advanced forensics may leave many auditors scratching their heads but it is useful to have an appreciation for the different methodologies including DOS naming conventions and file extensions. The sections on hardware and software cover older as well as new technology. The standard operating procedures chapter has checklists for all areas of an investigation followed by a chapter that walks the reader through performing one. The remainder of the book covers legal issues, privacy, information storage and more. There are enough appendices that the authors had to start the alphabet over at AA. Cyber forensics may not be an area you will encounter in your audits but my motto has always been and will continue to be; Be Prepared! This is the book you want to have in your library to do just that.

JMK