MARC details
| 000 -LEADER |
|---|
| fixed length control field |
09268cam a22005657i 4500 |
| CONTROL NUMBER |
|---|
| control field |
18354043 |
| CONTROL NUMBER IDENTIFIER |
|---|
| control field |
OSt |
| DATE AND TIME OF LATEST TRANSACTION |
|---|
| control field |
20220103144826.0 |
| FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
|---|
| fixed length control field |
141030t20152015inua 001 0 eng |
| LIBRARY OF CONGRESS CONTROL NUMBER |
|---|
| LC control number |
2014955541 |
| NATIONAL BIBLIOGRAPHY NUMBER |
|---|
| National bibliography number |
GBB507652 |
| Source |
bnb |
| NATIONAL BIBLIOGRAPHIC AGENCY CONTROL NUMBER |
|---|
| Record control number |
017012717 |
| Source |
Uk |
| INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
9780789741158 (paperback) |
| INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
0789741156 (paperback) |
| SYSTEM CONTROL NUMBER |
|---|
| System control number |
(OCoLC)ocn903203003 |
| CATALOGING SOURCE |
|---|
| Original cataloging agency |
AU@ |
| Language of cataloging |
eng |
| Transcribing agency |
AU@ |
| Description conventions |
rda |
| Modifying agency |
BTCTA |
| -- |
YDXCP |
| -- |
OCLCO |
| -- |
TXI |
| -- |
UKMGB |
| -- |
OCLCF |
| -- |
DLC |
| AUTHENTICATION CODE |
|---|
| Authentication code |
lccopycat |
| LIBRARY OF CONGRESS CALL NUMBER |
|---|
| Classification number |
HV8079.C65 |
| Item number |
H39 2015 |
| DEWEY DECIMAL CLASSIFICATION NUMBER |
|---|
| Classification number |
364.168 |
| Edition number |
23 |
| Item number |
HAY/P |
| MAIN ENTRY--PERSONAL NAME |
|---|
| Personal name |
Hayes, Darren Richard |
| Relator term |
author. |
| 9 (RLIN) |
8965 |
| TITLE STATEMENT |
|---|
| Title |
A practical guide to computer forensics investigations / |
| Statement of responsibility, etc. |
Darren R. Hayes. |
| PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE |
|---|
| Place of production, publication, distribution, manufacture |
Indianapolis, Indiana |
| Name of producer, publisher, distributor, manufacturer |
Pearson, |
| Date of production, publication, distribution, manufacture, or copyright notice |
[2015] |
| PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE |
|---|
| Date of production, publication, distribution, manufacture, or copyright notice |
©2015 |
| PHYSICAL DESCRIPTION |
|---|
| Extent |
xxi, 502 pages : |
| Other physical details |
illustrations ; |
| Dimensions |
24 cm. |
| CONTENT TYPE |
|---|
| Content type term |
text |
| Source |
rdacontent |
| MEDIA TYPE |
|---|
| Media type term |
unmediated |
| Source |
rdamedia |
| CARRIER TYPE |
|---|
| Carrier type term |
volume |
| Source |
rdacarrier |
| GENERAL NOTE |
|---|
| General note |
Includes index. |
| FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Machine generated contents note: Introduction -- Popular Myths about Computer Forensics -- Types of Computer Forensics Evidence Recovered -- Electronic Mail (Email) -- Images -- Video -- Websites Visited and Internet Searches -- Cellphone Forensics -- What Skills Must a Computer Forensics Investigator Possess? -- Computer Science Knowledge -- Legal Expertise -- Communication Skills -- Linguistic Abilities -- Continuous Learning -- An Appreciation for Confidentiality -- The Importance of Computer Forensics -- Job Opportunities -- A History of Computer Forensics -- 1980's: The Advent of the Personal Computer -- 1990's: The Impact of the Internet -- Training and Education -- Law Enforcement Training -- Summary -- Introduction -- Physical and Logical Storage -- File Storage -- File Conversion and Numbering Formats -- Conversion of Binary to Decimal -- Hexadecimal Numbering -- Conversion of Hexadecimal to Decimal -- |
| FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Contents note continued: Conversion of Hexadecimal to ASCII (American Standard Code for Information Interchange) -- Unicode -- Operating Systems -- The Boot Process -- Windows File Systems -- Windows Registry -- Registry Data Types -- FTK Registry Viewer -- Microsoft Windows Features -- Windows Vista -- Windows 7 -- Windows 8.1 -- Summary -- Introduction -- Hard Disk Drives -- Small Computer System Interface (SCSI) -- Integrated Drive Electronics (IDE) -- Serial ATA (SATA) -- Cloning a PATA or SATA Hard Disk -- Cloning Devices -- Removable Memory -- FireWire -- USB Flash Drives -- External Hard Drives -- MultiMedia Cards (MMCs) -- Summary -- References -- Introduction -- Lab Requirements -- American Society of Crime Laboratory Directors -- American Society of Crime Laboratory Directors/Lab Accreditation Board (ASCLD/LAB) -- ASCLD/LAB Guidelines for Forensic Laboratory Management Practices -- Scientific Working Group on Digital Evidence (SWGDE) -- |
| FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Contents note continued: Private Sector Computer Forensics Laboratories -- Evidence Acquisition Laboratory -- Email Preparation Laboratory -- Inventory Control -- Web Hosting -- Computer Forensics Laboratory Requirements -- Laboratory Layout -- Laboratory Management -- Laboratory Access -- Extracting Evidence from a Device -- Using the dd Utility -- Using Global Regular Expressions Print (GREP) -- Skimmers -- Summary -- Introduction -- Working Undercover -- Generate an Identity -- Generate an Email Account -- Mask Your Identity -- Website Evidence -- Website Archives -- Website Statistics -- Background Searches on a Suspect -- Personal Information: Mailing Address, Email Address, Telephone Number, and Assets -- Personal Interests and Membership of User Groups -- Searching for Stolen Property -- Online Crime -- Identity Theft -- Credit Cards for Sale -- Electronic Medical Records -- Cyberbullying -- Social Networking -- Capturing Online Communications -- Using Screen Captures -- |
| FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Contents note continued: Using Video -- Viewing Cookies -- Using Windows Registry -- Summary -- Introduction -- Obtaining Evidence from a Service Provider -- Documenting a Crime Scene -- Seizing Evidence -- Crime Scene Examinations -- Documenting the Evidence -- Completing a Chain of Custody Form -- Completing a Computer Worksheet -- Completing a Hard Disk Drive Worksheet -- Completing a Server Worksheet -- Using Tools to Document an Investigation -- CaseNotes -- FragView -- Helpful Mobile Applications (Apps) -- Network Analyzer -- System Status -- The Cop App -- Lock and Code -- Digital Forensics Reference -- Federal Rules of Civil Procedure (FRCP) -- Federal Rules of Evidence (FREvidence) -- Writing Reports -- Time Zones and Daylight Saving Time (DST) -- Creating a Comprehensive Report -- Using Expert Witnesses at Trial -- The Expert Witness -- The Goals of the Expert Witness -- Preparing an Expert Witness for Trial -- Summary -- Introduction -- |
| FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Contents note continued: History and Structure of the United States Legal System -- Origins of the U.S. Legal System -- Overview of the U.S. Court System -- In the Courtroom -- Evidence Admissibility -- Constitutional Law -- First Amendment -- First Amendment and the Internet -- Fourth Amendment -- Fifth Amendment -- Sixth Amendment -- Congressional Legislation -- Rules for Evidence Admissibility -- Criminal Defense -- When Computer Forensics Goes Wrong -- Pornography in the Classroom -- Structure of the Legal System in the European Union (E.U.) -- Origins of European Law -- Structure of European Union Law -- Structure of the Legal System in Asia -- China -- India -- Summary -- Introduction -- The Tools of the Trade -- Networking Devices -- Proxy Servers -- Web Servers -- DHCP Servers -- SMTP Servers -- DNS Servers -- Routers -- IDS -- Firewalls -- Ports -- Understanding the OSI Model -- The Physical Layer -- The Data Link Layer -- The Network Layer -- The Transport Layer -- |
| FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Contents note continued: The Session Layer -- The Presentation Layer -- The Application Layer -- Advanced Persistent Threats -- Cyber Kill Chain -- Indicators of Compromise (IOC) -- Investigating a Network Attack -- Summary -- Introduction -- The Cellular Network -- Base Transceiver Station -- Mobile Station -- Cellular Network Types -- SIM Card Forensics -- Types of Evidence -- Handset Specifications -- Memory and Processing -- Battery -- Other Hardware -- Mobile Operating Systems -- Android OS -- Windows Phone -- Standard Operating Procedures for Handling Handset Evidence -- National Institute of Standards and Technology -- Preparation and Containment -- Wireless Capabilities -- Documenting the Investigation -- Handset Forensics -- Cellphone Forensic Software -- Cellphone Forensics Hardware -- Logical versus Physical Examination -- Manual Cellphone Examinations -- Flasher Box -- Global Satellite Service Providers -- Satellite Communication Services -- Legal Considerations -- |
| FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Contents note continued: Carrier Records -- Other Mobile Devices -- Tablets -- GPS Devices -- Summary -- Introduction -- Understanding Digital Photography -- File Systems -- Digital Photography Applications and Services -- Examining Picture Files -- Exchangeable Image File Format (EXIF) -- Evidence Admissibility -- Federal Rules of Evidence (FRE) -- Analog vs. Digital Photographs -- Case Studies -- Worldwide Manhunt -- NYPD Facial Recognition Unit -- Summary -- Introduction -- A Brief History -- Macintosh -- Mac Mini with OS X Server -- iPod -- iPhone -- iPad -- Apple Wi-Fi Devices -- Macintosh File Systems -- Forensic Examinations of a Mac -- 10Reg Info -- PMAP Info -- Epoch Time -- Recovering Deleted Files -- Journaling -- DMG File System -- PList Files -- SQLite Databases -- Macintosh Operating Systems -- Mac OS X -- Target Disk Mode -- Apple Mobile Devices -- iOS -- iOS 7 -- iOS 8 -- Security and Encryption -- iPod -- iPhone -- |
| FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Contents note continued: Enterprise Deployment of iPhone and iOS Devices -- Case Studies -- Find My iPhone -- Wanted Hactevist -- Michael Jackson -- Stolen iPhone -- Drug Bust -- Summary -- Introduction -- Zacharias Moussaoui -- Background -- Digital Evidence -- Standby Counsel Objections -- Prosecution Affidavit -- Exhibits -- Email Evidence -- BTK (Bind Torture Kill) Killer -- Profile of a Killer -- Evidence -- Cyberbullying -- Federal Anti-harassment Legislation -- State Anti-harassment Legislation -- Warning Signs of Cyberbullying -- What Is Cyberbullying? -- Phoebe Prince -- Ryan Halligan -- Megan Meier -- Tyler Clementi -- Sports -- Summary. |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Forensic sciences. |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Digital forensic science. |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Computer crimes |
| General subdivision |
Investigation. |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Computer security. |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Evidence, Criminal. |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Computer crimes |
| General subdivision |
Investigation. |
| Source of heading or term |
fast |
| Authority record control number or standard number |
(OCoLC)fst00872065 |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Computer security. |
| Source of heading or term |
fast |
| Authority record control number or standard number |
(OCoLC)fst00872484 |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Evidence, Criminal. |
| Source of heading or term |
fast |
| Authority record control number or standard number |
(OCoLC)fst00917210 |
| SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
Forensic sciences. |
| Source of heading or term |
fast |
| Authority record control number or standard number |
(OCoLC)fst00932011 |
| LOCAL DATA ELEMENT F, LDF (RLIN) |
|---|
| a |
7 |
| b |
cbc |
| c |
copycat |
| d |
2 |
| e |
ncip |
| f |
20 |
| g |
y-gencatlg |
| ADDED ENTRY ELEMENTS (KOHA) |
|---|
| Source of classification or shelving scheme |
Dewey Decimal Classification |
| Koha item type |
Books |
| Classification part |
364.168 |
| Item part |
HAY/F |
| Call number prefix |
364.168 |
| Call number suffix |
HAY/F |
