Digital Forensics Processing and Procedures
Meeting the Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practice Requirements
1st Edition
Published on 24. October 2013
Book
Paperback/Softback
880 pages
978-1-59749-742-8 (ISBN)
Description
This is the first digital forensics book that covers the complete lifecycle of digital evidence and the chain of custody. This comprehensive handbook includes international procedures, best practices, compliance, and a companion web site with downloadable forms. Written by world-renowned digital forensics experts, this book is a must for any digital forensics lab. It provides anyone who handles digital evidence with a guide to proper procedure throughout the chain of custody--from incident response through analysis in the lab.
Reviews / Votes
"With this book you have a finely detailed chart guiding you through every aspect of creating, using and documenting processes that will make you compliant with both the formal accreditation standards and less formal, but no less important, industry best practices...if you are running - or plan to run - a digital forensics business, then this will provide a template for everything you do." --Network Security, May 2014"It is clear that the authors bring real-world experience to the book, covering the whole life cycle of digital forensics investigations, gathering evidence, and chain of custody results...it will be a very useful handbook for future experts, especially those charged with setting up a forensic laboratory or those seeking accreditation and certification of an existing laboratory." --ComputingReviews.com, February 19, 2014
"...this volume on digital forensics and investigation provides information on best practices for meeting regulatory requirements and gaining and maintaining certifications and accreditation within the digital forensics field. The work is divided into three sections covering initial policies and procedures for setting up a laboratory, operating procedures and continuing policies, and accreditation standards and requirements."--ProtoView.com, February 2014
"What the book does do is provide a comprehensive and all-inclusive set of details that covers the entire lifecycle of a digital forensics investigation, ensuing evidence gathered, and chain of custody that results...Authors David Lilburn Watson and Andrew Jones bring decades of detailed real-world experience to the book, which readers are certain to find to be a unique reference."--RSAConference.com, December 16, 2013
More details
Language
English
Place of publication
Rockland, MA
United States
Target group
Professional and scholarly
Forensic laboratories (police, government or civilian), Expert witnesses for digital forensic cases, Legal professionals, Forensics regulators, Investigators involved with seize of digital evidence (police forces, IT departments, HR departments)
Illustrations
Approx. 100 illustrations
100 illustrations; Illustrations
Dimensions
Height: 276 mm
Width: 216 mm
Weight
1890 gr
ISBN-13
978-1-59749-742-8 (9781597497428)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
David Lilburn Watson | Andrew Jones
Digital Forensics Processing and Procedures
Meeting the Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practice Requirements
E-Book
08/2013
Syngress
€53.95
Available for download
Persons
David Lilburn Watson heads up Forensic Computing Ltd, a specialist forensic recovery and investigation company. He is responsible for the coordination and efficient delivery of the computer forensic and electronic evidence recovery services, digital investigations, and provides support for a broad range of investigative, security and risk consulting assignments. He is a Certified Fraud Examiner (CFE) and a Certified Information Forensic Investigator (CIFI), a Certified Computer Crime Investigator (CCCI), an Advanced Certified Computer Forensics Technician (CCFT). In addition to specialised forensic certifications he is a Certified Information Security Systems Professional (CISSP), a Certified Information Systems Manager (CISM) and a Certified Information Systems Auditor (CISA). David has also led Forensic Computing Ltd to ISO 27001 and ISO 9001 certification, making FCL one of very few consultancies to hold such important credentials in the field of forensic services. Dr. Andrew Jones is a digital forensic and information security researcher and academic and has developed several tools and processes for the efficient and effective recovery of data from a range of devices. He has also participated and led a number of forensic investigations for criminal and civil cases.
Andrew has been involved in several information security projects for the Government Communications Electronic Security Group (CESG), the Office of the E-Envoy, the police and a defense contractor. He acted as the technical advisor for the then National Crime Squad Data Acquisition and Recovery Team and he is currently on the committees for five information security and computer forensic conferences. He also sat on two working groups of the governments Central Sponsor for Information Assurance National Information Assurance Forum. He holds posts as an adjunct professor at Edith Cowan University in Perth, Australia and the University of South Australia in Adelaide.
He has authored six books in the areas of Information Warfare, Information Security and Digital Forensics, including co-authoring Digital Forensics Processing and Procedures, First Edition.
Andrew has been involved in several information security projects for the Government Communications Electronic Security Group (CESG), the Office of the E-Envoy, the police and a defense contractor. He acted as the technical advisor for the then National Crime Squad Data Acquisition and Recovery Team and he is currently on the committees for five information security and computer forensic conferences. He also sat on two working groups of the governments Central Sponsor for Information Assurance National Information Assurance Forum. He holds posts as an adjunct professor at Edith Cowan University in Perth, Australia and the University of South Australia in Adelaide.
He has authored six books in the areas of Information Warfare, Information Security and Digital Forensics, including co-authoring Digital Forensics Processing and Procedures, First Edition.
Content
Chapter 1. Introduction
Chapter 2. Forensic Laboratory Accommodation
Chapter 3. Setting up a Laboratory
Chapter 4. IT Infrastructure
Chapter 5. Incident Response
Chapter 6. Working in the Laboratory
Chapter 7. Evidence Presentation
Chapter 8. Secure Working Practices
Chapter 9. Ensuring Continuity of Operations
Chapter 10. Outsourcing
Chapter 11. Effective Records Management
Chapter 12. Performance Assessment
Chapter 13. Health and Safety
Chapter 14. Human Resources
Chapter 15. Certification for the Laboratory
Chapter 16. Emerging Issues
Chapter 2. Forensic Laboratory Accommodation
Chapter 3. Setting up a Laboratory
Chapter 4. IT Infrastructure
Chapter 5. Incident Response
Chapter 6. Working in the Laboratory
Chapter 7. Evidence Presentation
Chapter 8. Secure Working Practices
Chapter 9. Ensuring Continuity of Operations
Chapter 10. Outsourcing
Chapter 11. Effective Records Management
Chapter 12. Performance Assessment
Chapter 13. Health and Safety
Chapter 14. Human Resources
Chapter 15. Certification for the Laboratory
Chapter 16. Emerging Issues