Further information
About the authors

ALBERT J. MARCELLA, JR., PHD, CISA, CISM, is President of Business Automation Consultants, LLC, a global information technology and management consulting firm providing IT management consulting, audit and security reviews, and training. He is an internationally recognized public speaker, researcher, workshop and seminar leader, and an author of numerous articles and books on various IT, audit, and security related subjects.

FREDERIC GUILLOSSOU, CISSP, CCE, is an Information Security Analyst with TALX, a division of Equifax. He regularly trains on intrusion prevention systems and has successfully led a number of forensic investigations in the field.

Blurb

An explanation of the basic principles of data

This book explains the basic principles of data as building blocks of electronic evidential matter, which are used in cyber forensics investigations. The entire text is written with no reference to a particular operating system or environment; thus it is applicable to all work environments, cyber investigation scenarios, and technologies. The text is written in a step-by-step manner, beginning with the elementary building blocks of data and progressing upwards to the representation and storage of information. It includes practical examples and illustrations throughout to guide the reader.
Table of contents

Preface
Acknowledgments

Chapter 1: The Fundamentals of Data
  Base 2 Numbering System: Binary and Character Encoding
  Communication in a Two-State Universe
  Electricity and Magnetism
  Building Blocks: The Origins of Data
  Growing the Building Blocks of Data
  Moving Beyond Base 2
  American Standard Code for Information Interchange
  Character Codes: The Basis for Processing Textual Data
  Extended ASCII and Unicode
  Summary
  Notes

Chapter 2: Binary to Decimal
  American Standard Code for Information Interchange
  Computer as a Calculator
  Why Is This Important in Forensics?
  Data Representation
  Converting Binary to Decimal
  Conversion Analysis
  A Forensic Case Example: An Application of the Math
  Decimal to Binary: Recap for Review
  Summary

Chapter 3: The Power of HEX: Finding Slivers of Data
  What the HEX?
  Bits and Bytes and Nibbles
  Nibbles and Bits
  Binary to HEX Conversion
  Binary (HEX) Editor
  The Needle within the Haystack
  Summary
  Notes

Chapter 4: Files
  Opening
  Files, File Structures, and File Formats
  File Extensions
  Changing a File's Extension to Evade Detection
  Files and the HEX Editor
  File Signature
  ASCII Is Not Text or HEX
  Value of File Signatures
  Complex Files: Compound, Compressed, and Encrypted Files
  Why Do Compound Files Exist?
  Compressed Files
  Forensics and Encrypted Files
  The Structure of Ciphers
  Summary
  Notes
  Appendix 4A: Common File Extensions
  Appendix 4B: File Signature Database
  Appendix 4C: Magic Number Definition
  Appendix 4D: Compound Document Header

Chapter 5: The Boot Process and the Master Boot Record (MBR)
  Booting Up
  Primary Functions of the Boot Process
  Forensic Imaging and Evidence Collection
  Summarizing the BIOS
  BIOS Setup Utility: Step by Step
  The Master Boot Record (MBR)
  Partition Table
  Ha...