Investigative Computer Forensics The Practical Guide for Lawyers, Accountants, Investigators, and Business Executives

ERIK LAYKIN, CHFI, CEDS, is a Managing Director of Duff & Phelps, LLC and was a cofounder of its Global Electronic Discovery and Investigations practice. He focuses on large-scale international corporate investigations and high-stakes litigation issues in which computer forensics and electronic discovery play a major role. Mr. Laykin is frequently appointed as an expert witness, independent neutral, or special master in federal and state courts and has served in an advisory capacity to hundreds of corporations, law firms, and government agencies in the U.S., Asia, and Europe. As an early pioneer in the computer forensics and cybercrime field, he regularly comments on these emerging technology and business issues at industry conferences and for the media, including CNN, Fox, ABC, NBC, CBS, major newspapers, and periodicals. Mr. Laykin is active in a variety of organizations including the HTCIA (High Technology Crime Investigation Association), FEWA (Forensic Expert Witness Association), ABA (American Bar Association), and is a past president (Los Angeles) and Pacific Rim director of the FBI's InfraGard Program.

Foreword

Preface

This Book’s Setup

Acknowledgments

Introduction

Investigative Computer Forensics

Changes in Technology

Changes in the Role of the Investigator

What Is Computer Forensics?

Chapter 1 The Glue

The Relevancy of Truth

Foundations of Digital Evidence

Investigative Objectives

The Investigative Process

Trust

Privacy

Chapter 2 A Primer on Computers and Networks

The Mechanics of Electronically Stored Information

Optical Drives

The Server

The Router

Application Data

Metadata

Databases

Email Mechanics

The IP Address

Computer Time Artifacts

Social Media

Tablets

Cellular Telephones and Smart Phones

Audio and Video

The Global Nervous System Worldwide Data

Fundamentals of Network Traffic

The Firewall

Data- and Traffic-Gathering Applications

Dynamic Data Capture

The Cloud

International Data Security and Privacy Issues

Chapter 3 Computer Forensic Fundamentals

The Establishment of the Computer Forensic Laboratory

Evidence and Access Controls

The Forensic Work Station

Current Tools and Services

Imaging Hardware

X1 Discovery

NetAnalysis

Building a Team and a Process

Computer Forensic Certifications

The Human Quotient

The Devil is in the Details

Chapter 4 Investigative Fundamentals

The Investigative Mindset

Case Management

Fraud and Investigative Analysis

Information Sources and Records

Investigative Techniques

Surveillance and Interviewing

Trade Secret Theft and IP Investigations

HR and Interpersonal Investigations

Reporting and Testifying

Chapter 5 The Underpinnings of Investigative Computer Forensics

Seizure and Examination of Digital Evidence

Data Classification and Records Management

Deleted Data

Backups and Systems Preservation

Computer Crime Analysis and Reconstruction

The Who, What, Where, How of Data

Contracts Agreements, Third Parties, and Other Headaches

Ethics and Management

Chapter 6 Tactical Objectives and Challenges in Investigative Computer Forensics

Preparing for the Attack

Early Case Assessment

Investigative Pacing, Timing, and Setting Expectations

Working with Multinational Teams

Collections of Electronic Data in the Cloud and in Social Media

Investigating Internet Service Provider Records

Bridging the Actual World with the Cyber World

Packaging the Findings

Chapter 7 The Cyber Firefighters

Incident Response Fundamentals

Data Breaches

Theft and Fraud

Systems Failures

Internal Investigations

The Real-Time Predicament

Building a Global Resource Network

Honeypots and Other Attractive Intel-Gathering Targets

Money Laundering and Internet Fraud

Investigating Accounting Irregularities

Databases and Structured Data

Organized Crime in the Cyber Underworld

The Cyber Underworld in Various Regions

State-Sponsored Cyber Crime

Common Cyber Threats

Identity Theft

Intellectual Property and Trade Secret Theft

Botnets, Malware, Trojans, and Phishing

Data Breach Vulnerabilities

The Hacker and His Environment

Chapter 8 eDiscovery Responsibilities

Electronic Discovery Reference Model

eDiscovery Responsibilities

Common eDiscovery Challenges

Tools Services and Technologies

Nuix

LEXIS-NEXIS Law

Emerging eDiscovery Realities

European and Asian Observations

Digital Evidence in the Courtroom

Chapter 9 The Future

Privacy and the Data Ecosystem

Access Controls and the Evolution of Trust

Global Communications Systems in the Cloud

Nanotechnology and Cognitive Computing

Digital Demographics and the Emerging Global Citizen

Extra National Investigative Networks

Zero Day Forensics

Concluding Thoughts

Index

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.