
Learn Computer Forensics: A beginner's guide to searching, analyzing, and securing digital evidence


28 reviews for Learn Computer Forensics: A beginner's guide to searching, analyzing, and securing digital evidence

  1. 4 out of 5

    Aaron

    The subtitle to this book is, "A beginner's guide to searching, analyzing, and securing digital evidence". Now that's not wrong, but it may be misleading, depending on what you consider a beginner. For this topic I think a beginner is someone knowledgeable of common components and devices (CPU, RAM, hard drive, USB flash drive, etc.), with a basic idea of how data is used and stored, and generally comfortable with "computer stuff" like installing programs, reading text and hex values, working in different operating systems (Windows, Mac, or Linux), etc.

    This book is not for you if you're uncomfortable troubleshooting technical problems, if you're not comfortable looking at hexadecimal values (as you'd expect, there's a lot here), or if you need a visual guide. There are plenty of tables and screenshots, but they're more for technical illustration and not for hand-holding. You don't need to know the command line, but as always it helps.

    On the flip side, this book is probably not technical or advanced enough if you're looking to:

    - attempt data recovery from your own hard drive or some other device (it's about collecting and managing digital evidence, not data recovery)
    - set up your own forensic lab (it's really just a primer)
    - testify as a forensic expert in court (again, it's just a primer)

    What this book does well: It covers a reasonably wide range of topics both on the technical side and on the legal side. It covers topics in enough depth to get a fair idea of what it is, what it looks like, and what evidence it will provide. Oettinger also addresses the limitations of what you can determine with certainty from an investigation. For example, you can determine when files were last accessed by their timestamps and the user account that accessed those files, but it's harder to demonstrate that a particular person was in fact the one using that account (the counter claim being, "it's my device/account but someone else was using it"). Oettinger goes beyond the how-to aspect of gathering evidence to cover chain-of-custody, using new or wiped drives, regularly testing forensic tools (to demonstrate the validity of the findings in court), considerations of presenting evidence in court, neutrality as a fact finder (for the truth, not for either party in court), and professional integrity. He spends a good amount of text illustrating how much work goes into preparation and readiness before the investigation begins and into handling materials and composing reports afterward.

    What this book could do better: It's not a bad book, but this first edition looks like it was rushed to print. It's published by Packt Publishing, and it's one of two Packt books I own. I guess Packt has been around since 2003 but it seems to be an emergent player in the tech publishing world, with a sharp increase in volume in the last few years. I support their effort to cover a topic that doesn't have much in print and I like that they support open source tools (which this book demonstrates). However, it looks like this book was rushed to press and could have used a little more time to cook. (Maybe that's because it came out in April 2020 right as the pandemic hit, but my other Packt book suffers from similar editing problems so that's probably not a factor.) There are a lot of minor typos and technical errors - not every page and nothing that will derail the reader, but they come up frequently enough to warrant mentioning. Little stuff like that can needlessly tarnish a work and take it down half a letter grade.

    Another editing problem is the organization and flow: it's pretty uneven. I think all the topics are relevant and useful, but the weight given to each topic is unbalanced. For example, the chapter Computer Systems goes into depth on filesystems, specifically FAT and NTFS. Now filesystems are really, really complex, so you can quickly go down a rabbit hole depending on how much you want to know. It's fair to say different people will want a different amount of detail and you can't please everyone. However, I feel like Oettinger just got lost in the weeds with excessive detail that's not sufficiently related back to the ideas he's trying to illustrate. Again, maybe that's just me, but it felt like it could have used another review with an editor, with consideration of what a "beginner's guide" is. In the chapter Computer Investigation Process he discusses some of the challenges of string searches, and spends a fair amount of text explaining regular expressions (regex). Okay, that is definitely beyond the scope of a book like this. I would rather he said something like, "There are all kinds of sophisticated rules to apply when doing a string search. For a good guide to regex see this link. For now you just need to be aware of the following pitfalls." See? Keep it on topic, point the reader to additional resources, and never get more than a few sentences from the reason they picked up the book.

    Overall this book accomplishes what it aims to, with room for improvement in the next edition. I bought this book because I was curious about computer forensics and it looked like a good survey of related technologies. I wasn't disappointed. I've definitely learned a good amount about both, and it confirmed a lot of what I already kind of knew. The good is all good enough and the bad was just things to work on for next time.

  2. 5 out of 5

    Georgia Cassidy-Oliver

  3. 5 out of 5

    Andrew Calverley

  4. 5 out of 5

    Walter Houser

  5. 4 out of 5

    John Robertson

  6. 4 out of 5

    carmen smith

  7. 4 out of 5

    Scott Robb

  8. 4 out of 5

    Jonathan Briggs

  9. 4 out of 5

    Ray Pereda

  10. 4 out of 5

    JasmineBeiNN

  11. 4 out of 5

    Andrew

  12. 4 out of 5

    Jon Evers

  13. 4 out of 5

    Lurenso Giuspe Bebb

  14. 5 out of 5

    Ck Chan

  15. 5 out of 5

    Rahaf Moha

  16. 4 out of 5

    Lisa

  17. 4 out of 5

    Jimmy Hernandez Rivera

  18. 5 out of 5

    Dante Leach

  19. 4 out of 5

    ferdogan

  20. 4 out of 5

    Franco

  21. 5 out of 5

    Ruth Grace

  22. 5 out of 5

    Rimas

  23. 5 out of 5

    Simon

  24. 5 out of 5

    dbarattini

  25. 4 out of 5

    Kenneth

  26. 5 out of 5

    Ashley

  27. 4 out of 5

    Zach McCray

  28. 5 out of 5

    Hazel Danso
