SECTION I: Computer Related Crime Investigations and Computer Forensics Management Support.
This section provides a background to computer crime and addresses the Computer Forensics management issues related to Computer Forensic Incidents and Crime Investigations. It looks at how investigations are carried out, what needs to be considered in the planning of an investigation and the conduct of the investigation including the collection and storage of evidence. The section finishes with a number of case studies to highlight how things can go well if they are done properly and how they can go wrong if they are not.
Chapter 1. A Short History of Computer-Related Crimes and the Developing Need for Computer Forensics. This chapter will provide an overview of computer-related crimes from the less sophisticated and localized dial-up computer crimes to today's sophisticated, global, network attacks; as well as the history of the development of the computer forensics profession and increasingly formal computer forensics laboratories.
Chapter 2. An Introduction to Computer Forensics. This chapter provides an overview of the important concepts associated with "computer forensics." It describes the potential sources of evidence available in the typical microcomputer, how to conduct a search for evidence, and a method of conducting a search in a systematic and effective manner.
Chapter 3. Types of Forensic Investigation. This chapter will include the reasons for carrying out the investigation and the type of investigation that is being undertaken, for example single computer, network or mobile devices.
Chapter 4. Responding to Crimes requiring Computer Forensic Investigation. This chapter will talk about what actions are required, the management considerations and just as importantly, what should not be done when responding to a high tech c