The Basics of Digital Forensics

2nd Edition

The Primer for Getting Started in Digital Forensics

Print ISBN: 9780128016350
eBook ISBN: 9780128018927
Imprint: Syngress
Published Date: 15th December 2014
Page Count: 200
21.99 + applicable tax
34.95 + applicable tax
27.95 + applicable tax
Compatible Not compatible
VitalSource PC, Mac, iPhone & iPad Amazon Kindle eReader
ePub & PDF Apple & PC desktop. Mobile devices (Apple & Android) Amazon Kindle eReader
Mobi Amazon Kindle eReader Anything else

Institutional Access


The Basics of Digital Forensics provides a foundation for people new to the digital forensics field. This book teaches you how to conduct examinations by discussing what digital forensics is, the methodologies used, key tactical concepts, and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud and the Internet are discussed. Also, learn how to collect evidence, document the scene, and how deleted data can be recovered.

The new Second Edition of this book provides you with completely up-to-date real-world examples and all the key technologies used in digital forensics, as well as new coverage of network intrusion response, how hard drives are organized, and electronic discovery. You'll also learn how to incorporate quality assurance into an investigation, how to prioritize evidence items to examine (triage), case processing, and what goes into making an expert witness.

The Second Edition also features expanded resources and references, including online resources that keep you current, sample legal documents, and suggested further reading.

Key Features

  • Learn what Digital Forensics entails
  • Build a toolkit and prepare an investigative plan
  • Understand the common artifacts to look for in an exam
  • Second Edition features all-new coverage of hard drives, triage, network intrusion response, and electronic discovery; as well as updated case studies, expert interviews, and expanded resources and references


Digital forensics professionals and enthusiasts; information security professionals; legal professionals; law enforcement officers; students in digital forensics degree programs

Table of Contents

  • Dedication
  • Preface
  • Acknowledgments
  • Chapter 1: Introduction

    • Abstract
    • Introduction
    • What is forensic science?
    • What is digital forensics?
    • Uses of digital forensics
    • The digital forensics process
    • Locard’s exchange principle
    • Scientific method
    • Organizations of note
    • Role of the forensic examiner in the judicial system
    • Summary
  • Chapter 2: Key technical concepts

    • Abstract
    • Introduction
    • Bits, bytes, and numbering schemes
    • File extensions and file signatures
    • Storage and memory
    • Computing environments
    • Data types
    • File systems
    • Allocated and unallocated space
    • How magnetic hard drives store data
    • Summary
  • Chapter 3: Labs and tools

    • Abstract
    • Introduction
    • Forensic laboratories
    • Policies and procedures
    • Quality assurance
    • Digital forensic tools
    • Additional resources
    • Alert!
    • Accreditation
    • Summary
  • Chapter 4: Collecting evidence

    • Abstract
    • Introduction
    • Crime scenes and collecting evidence
    • Alert!
    • Alert!
    • Documenting the scene
    • Chain of custody
    • Cloning
    • Alert!
    • Live system versus dead system
    • More advanced
    • Alert!
    • Hashing
    • Final report
    • Summary
  • Chapter 5: Windows system artifacts

    • Abstract
    • Introduction
    • Deleted data
    • More advanced
    • Hibernation file (hiberfile.sys)
    • Registry
    • Print spooling
    • Recycle bin
    • Alert!
    • More advanced
    • Metadata
    • Alert!
    • Thumbnai


No. of pages:
© Syngress 2015
eBook ISBN:
Paperback ISBN:


"... this book is well named. It is an entry-level primer to digital forensics, and could be used as an introductory book in a beginning computer forensics course." --Journal of Digital Forensics, Security and Law, Vol 9, No 1