Fundamentals of Digital Forensics: Theory, Methods, and Real-Life Applications
暫譯: 數位取證基礎：理論、方法與實際應用

This practical and accessible textbook/reference describes the theory and methodology of digital forensic examinations, presenting examples developed in collaboration with police authorities to ensure relevance to real-world practice. The coverage includes discussions on forensic artifacts and constraints, as well as forensic tools used for law enforcement and in the corporate sector. Emphasis is placed on reinforcing sound forensic thinking, and gaining experience in common tasks through hands-on exercises.

This enhanced second edition has been expanded with new material on incident response tasks and computer memory analysis.

Topics and features:

• Outlines what computer forensics is, and what it can do, as well as what its limitations are
• Discusses both the theoretical foundations and the fundamentals of forensic methodology
• Reviews broad principles that are applicable worldwide
• Explains how to find and interpret several important artifacts
• Describes free and open source software tools, along with the AccessData Forensic Toolkit
• Features exercises and review questions throughout, with solutions provided in the appendices
• Includes numerous practical examples, and provides supporting video lectures online

This easy-to-follow primer is an essential resource for students of computer forensics, and will also serve as a valuable reference for practitioners seeking instruction on performing forensic examinations.

Joakim K vrestad is a lecturer and researcher at the University of Sk vde, Sweden, and an AccessData Certified Examiner. He also serves as a forensic consultant, with several years of experience as a forensic expert with the Swedish police.