COMPUTER FORENSICS

 < Day Day Up > 



COMPUTER FORENSICS

Computer forensics involves the preservation, identification, extraction, and documentation of computer evidence stored as data or magnetically encoded information. The fascinating part of the science is that the computer evidence is often transparently created by the computer's operating system without the knowledge of the computer operator. The information may actually be hidden from view. To find it, special forensic software tools and techniques are required.

Emerging Field-But a Shortage of Experts

Most law enforcement agencies, especially those in large cities, are understaffed when it comes to having trained computer forensics experts. Industry, on the other hand, has been taking computer forensics seriously for several years. Sadly, it took a number of embarrassing computer break-ins by teenage hackers to put the spotlight on it. The problem is, industry doesn't know which computer forensics issues to focus on.

The biggest issue surrounding the computer forensics conundrum is a shortage of technologists who have a working knowledge of computer forensics. Academics are teaching the subjects, but most lack real-world experience, which is critical when training students. Also, many academics are not current with forensics trends and tools.

Times Are Changing

There's the old saying, 'If you wait long enough, it's bound to change.' The same can be said for computer forensics training. Not only will more techies be concentrating on computer forensics but also attorneys and judges will be taking courses in the subject. Learning forensics basics will help attorneys, especially, to determine the kinds of evidence that can be found by probing a computer's operating system and what techniques can be used to legally obtain it.

On the academic front, full-fledged degree tracks in computer forensics are being developed. Certification programs already exist.

Where are the jobs? Government agencies, such as the Department of Defense, FBI, CIA, NSA, and U.S. Postal Service need computer forensics specialists. State and local law enforcement departments are also hiring computer forensics specialists. On the corporate front, all companies (especially large and mid-size ones with a Web presence) will have serious computer forensics needs. Job titles differ, but, typically, these positions are advertised as Junior Computer Forensics Analysts for entry-level jobs and Senior Computer Forensics Analysts if you have a few years of experience in the field.



 < Day Day Up > 

 < Day Day Up > 



PURPOSE

The purpose of this book is to show experienced (intermediate to advanced) computer forensics, security, and law enforcement professionals how to analyze and conduct a computer forensics examination, and report the findings that will lead to the incarceration of the perpetrators. This book also provides the fundamental knowledge you need to analyze risks to your system and implement a workable security and forensics policy that protects your information assets from potential intrusion, damage or theft. Through extensive hands-on examples (field and trial experiments) and case studies, you will gain the knowledge and skills required to master the deployment of information warfare countermeasures to thwart potential attacks.



 < Day Day Up >