The Basics of Digital Forensics:

Author: John Sammons 
Publisher: Syngress
Pages: 208
ISBN: 978-1597496612
Audience: Potential professional forensic experts
Rating: 4
Reviewer: Lucy Black 

Digital forensics sounds both important and interesting - and so it is, but can this book teach you the basics in around 170 pages?

It all depends what you mean by basics. Some years ago I took a University course in forensics - mostly because CSI made it look super cool. It started with a long discussion of "chain of custody" and other matters of book keeping necessary to forensic procedure. Needless to say it wasn't CSI even though we did get on to more techie topics later. This book is a bit like that course but it doesn't really get onto any techie topics in any depth. 

 


 

Chapter 1 is an introduction to forensics and more importantly an account of the professional aspects of the task including an introduction to US organizations concerned with the subject. It even mentions the CSI effect that I fell victim to.

Chapter 2 is called "Key Technical Concepts" - they may be key but they are very basic. If you are a programmer, and programmers would make good Digital Forensic investigators, then you should know all of this. What is a byte, hex, ASCII, Unicode, types of storage and so on. You might not know some of the stuff about file systems and how data isn't actually erased but you probably should. The book doesn't give any practical advice about how to recover data. It is more like an overview of what might be possible.

The next chapter is on labs and tools and this is more practical but again it is focused on matters like how can you trust a tool. Then on to collecting evidence which was a set of ideas familiar to me from my forensics course but with a lot of customization to the digital world. If you don't know forensic procedures this and much of the book up to this point will be useful to you. 

 


 

Chapter 5 gets more technically specific in that it looks at Windows systems and the particular opportunities that these offer - recovering data, the registry, restore points, link files and so on. Chapter 6 looks at anti-forensics, i.e. how people might try to cover up what they are doing so that you can't find out. This more or less just lists the possible approaches with brief descriptions. As with much of the book the technical details are the bare minimum.

Chapter 6 is about legal aspects and it is 100% US oriented - the fourth amendment, criminal law, searching with a warrant. No consideration is given to the problems of worldwide legal systems or working in different jurisdictions - and this isn't unreasonable as it would have made the book difficult to write and huge. 

Chapter 8 moves back to the technology again with Internet and email. Here the examples are Windows based once again. It covers non-technical issues such as the status of email as evidence and so on. The next chapter is on network protocols and of course being so short it hardly scratches the surface. Chapter 10 deals with mobile including GPS.

The final chapter is a bit of a round up and a look at the new technologies like solid state disks and cloud computing. Not really cutting edge but you might expect the forensic aspects of these technologies to advance slower than the technologies themselves. 

Overall this is a reasonably good read if you want to know about what you might call the professional or book-keeping side of digital forensics. It does introduce some of the technological problems but more so that you have a general picture of the sorts of things you might have to deal with. It makes no attempt to make you an expert or even practically capable in these areas. The intention seems to be to just orient the complete beginner. As such the book works - but if you are a techie beware of its low information content. If you know anything about hacking you might be disappointed by the low-level approach.

 


Last Updated ( Sunday, 29 December 2013 )
 
 

   
Copyright © 2014 i-programmer.info. All Rights Reserved.