Digital forensics is a branch of forensic science that focuses on investigating and recovering digital media, often connected with computer crimes. This book is a guide for establishing a digital forensics laboratory that complies with requirements such as ISO 17020, ISO 17025, ISO 27001, and other best practices. Watson is head of Forensic Computing Ltd., a digital forensic recovery and investigations company. He holds a broad range of certifications in the computing field. Jones is a computer crime expert and holds a PhD in the field of threats to information systems. With 25 years of service in the British Army Intelligence Corps, he is thoroughly experienced in the practical requirements for establishing a digital forensics laboratory.
The book covers three logical areas: policies and procedures for setting up a forensic laboratory, policies and procedures for operation of the laboratory, and policies and procedures for gaining and maintaining accreditation and certification. These three areas provide the user with a comprehensive guide that covers even the smallest details that need to be taken into consideration.
Chapter 1 provides general information on digital forensics, the need for digital forensics, problems that might be encountered, and the importance of procedures in digital forensics. The authors present a complete and clear picture of the essential requirements that need to be taken into consideration when setting up a laboratory. The content is well organized, with useful information about the standards, followed by examples and diagrams. The carefully assembled details make it even easier to understand and implement. Chapters 2 and 3 include an exact guide for setting up the laboratory, including facility requirements, implementing policies, forensic laboratory principles, and so on.
The second logical section presents a useful interpretation of a wide spectrum of standards essential for running a digital forensic laboratory. Many of these standards are used in other industries, so this part will be familiar to most information technology (IT) experts. However, for those who are not familiar with standardization focused on digital forensics, this section represents a great opportunity for expanding their knowledge. The many roles that can be found in a digital forensics laboratory are also covered, along with their responsibilities. Since this book is targeted to people who are working in digital forensics, the authors have included 200 pages of important information about the actual forensic procedure. This section also describes a typical IT infrastructure, case processing, case management, gathering evidence, maintaining the evidence in a state that will be admissible in court, and several other aspects of forensics procedure.
It is clear that the authors bring real-world experience to the book, covering the whole life cycle of digital forensics investigations, gathering evidence, and chain of custody results. Although this book is not intended to train professional data forensics investigators, it will be a very useful handbook for future experts, especially those charged with setting up a forensic laboratory or those seeking accreditation and certification of an existing laboratory.