Types, The Internet spawns crime, Worms versus viruses, Computers’ roles in crimes, Introduction to digital forensics, Introduction to Incident – Incident Response Methodology – Steps – Activities in Initial Response, Phase after detection of an incident
Initial Response & Volatile Data Collection from Windows system -Initial Response & Volatile Data Collection from UNIX system – Forensic Duplication: Forensic Duplicates as Admissible Evidence, Forensic Duplication Tool Requirements, Creating a Forensic. Duplicate/Qualified Forensic Duplicate of a Hard Drive.
Determining what data to collect and analyze, validating forensic data, addressing data-hiding techniques, performing remote acquisitions Network Forensics: Network forensics overview, performing live acquisitions, developing standard procedures for network forensics.
evaluating computer forensic tool needs, computer forensics software tools, computer forensics hardware tools, validating and testing forensics software E-Mail Investigations: Exploring the role of e-mail in investigation Cell phone and mobile device forensics: Understanding mobile device forensics.
understanding file systems, exploring Microsoft File Structures, Examining NTFS disks, Understanding whole disk encryption, windows registry, Microsoft startup tasks, MS-DOS startup tasks, virtual machines.
Reference Book:
1. Real Digital Forensics by Keith J. Jones, Richard Bejtiich, Curtis W. Rose, Addison- Wesley Pearson Education. 2. Forensic Compiling, A Tractitioneris Guide by Tony Sammes and Brian Jenkinson, Springer International edition.
Text Book:
1.Kevin Mandia, Chris Prosise, “Incident Response and computer forensics”, Tata McGraw Hill, 2006.2.Computer Forensics, Computer Crime Investigation by John R. Vacca, Firewall Media, New Delhi.