Includes bibliographical references and index.

Print version record.

Front Cover; Implementing Digital Forensic Readiness; Copyright; Contents; Preface; Introduction; About the Author; Acknowledgments; A -- Digital Forensics; 1 -- Understanding Digital Forensics; INTRODUCTION; HISTORY OF DIGITAL CRIME AND FORENSICS; PROLOGUE (1960-80); INFANCY (1980-95); CHILDHOOD (1995-2005); ADOLESCENCE (2005-15); THE FUTURE (2015 AND BEYOND); DIGITAL FORENSICS OVERVIEW; WHY IS IT IMPORTANT?; LEGAL ASPECTS; COLLECTING DIGITAL EVIDENCE; VOLATILE DATA; NONVOLATILE DATA; ORDER OF VOLATILITY; TYPES OF FORENSIC INVESTIGATIONS; DIGITAL FORENSIC RESOURCES; SUMMARY; TAXONOMY.

2 -- Investigative Process ModelsINTRODUCTION; EXISTING PROCESS MODELS; DIGITAL FORENSIC READINESS MODEL; SUMMARY; 3 -- Evidence Management; INTRODUCTION; EVIDENCE RULES; PREPARATION; INFORMATION SECURITY MANAGEMENT; Policies; Guidelines; Standards; Procedures; DIGITAL FORENSIC TEAM; Roles and Responsibilities; Education and Certification; LAB ENVIRONMENT; HARDWARE AND SOFTWARE; GATHERING; OPERATING PROCEDURES; Identification; Securing the Scene; Documenting the Scene; Search and Seizure; Collection and Preservation; PROCESSING; PRESENTATION; SUMMARY; RESOURCES; TAXONOMY.

B -- Digital ForensicReadines4 -- Understanding Forensic Readiness; INTRODUCTION; DIGITAL FORENSICS AND INFORMATION SECURITY; PROACTIVE ACTIVITIES; REACTIVE ACTIVITIES; WHAT IS FORENSIC READINESS?; COST AND BENEFIT OF FORENSIC READINESS; COST ASSESSMENT; BENEFITS; IMPLEMENTING FORENSIC READINESS; SUMMARY; TAXONOMY; 5 -- Define Business Risk Scenarios; INTRODUCTION; WHAT IS BUSINESS RISK?; FORENSIC READINESS SCENARIOS; SCENARIO #1: REDUCING THE IMPACT OF CYBERCRIME; SCENARIO #2: VALIDATING THE IMPACT OF CYBERCRIME OR DISPUTES; Mitigating Control Logs; Overhead Time and Effort.

Indirect Business LossRecovery and Continuity Expenses; SCENARIO #3: PRODUCING EVIDENCE TO SUPPORT ORGANIZATIONAL DISCIPLINARY ISSUES; SCENARIO #4: DEMONSTRATING COMPLIANCE WITH REGULATORY OR LEGAL REQUIREMENTS; SCENARIO #5: EFFECTIVELY MANAGING THE RELEASE OF COURT ORDERED DATA; SCENARIO #6: SUPPORTING CONTRACTUAL AND/OR COMMERCIAL AGREEMENTS; SCENARIO ASSESSMENT; SUMMARY; TAXONOMY; 6 -- Identify Potential Data Sources; INTRODUCTION; WHAT IS A DATA SOURCE?; BACKGROUND EVIDENCE; FOREGROUND EVIDENCE; CATALOGING DATA SOURCES; PHASE #1: PREPARATION; PHASE #2: IDENTIFICATION.

PHASE #3: DEFICIENCIESInsufficient Data Availability; Content Awareness; Context Awareness; Unidentified Data Sources; EXTERNAL DATA CONSIDERATIONS; DATA EXPOSURE CONCERNS; FORENSICS IN THE SYSTEM DEVELOPMENT LIFE CYCLE; SUMMARY; TAXONOMY; 7 -- Determine Collection Requirements; INTRODUCTION; PRECOLLECTION QUESTIONS; EVIDENCE COLLECTION FACTORS; TIME; METADATA; CAUSE AND EFFECT; CORRELATION AND ASSOCIATION; CORROBORATION AND REDUNDANCY; STORAGE DURATION; STORAGE INFRASTRUCTURE; DATA SECURITY REQUIREMENTS; SUMMARY; TAXONOMY; 8 -- Establish Legal Admissibility; INTRODUCTION; LEGAL ADMISSIBILITY.