[...]... In this CHFI study guide, you will learn the concepts of computer forensics and how to prepare for the EC-Council’s Computer Hacker Forensic Investigator exam.This chapter will review the objectives of computer forensics It will also discuss computer- facilitated crimes, the reasons for cyber crime, the computer forensics flaws and risks, modes of attack, digital forensics, and the stages of forensic... 465_SG _CHFI_ TOC.qxd xvi Contents 10/15/07 9:53 AM Page xvi 465_SG _CHFI_ 01.qxd 10/12/07 12:18 PM Page 1 Chapter 1 CHFI Computer Forensics in Today’s World Exam objectives in this chapter: ■ The History of Forensics ■ The Objectives of Computer Forensics ■ Computer- Facilitated Crimes ■ Reasons for Cyber Attacks ■ Computer Forensic Flaws and Risks ■ Computer Forensics: Rules, Procedures, and Legal Issues ■ The. .. coherent and meaningful format —Dr H.B Wolfe 3 465_SG _CHFI_ 01.qxd 4 10/12/07 12:18 PM Page 4 Chapter 1 • Computer Forensics in Today's World Investigators must apply two tests for evidence for both computer forensics and physical forensics to survive in a court of law: ■ Authenticity Where does the evidence come from? ■ Reliability Is the evidence reliable and free of flaws? Head of the Class… Security... personnel call the corporate lawyer for legal advice 2 The forensic investigator prepares a First Response of Procedures (FRP) 3 The forensic investigator seizes the evidence at the crime scene and transports it to the forensic lab 4 The forensic investigator prepares bit-stream images of the files and creates an MD5 # of the files 5 The forensic investigator examines the evidence for proof of a crime, and prepares... tracking cyber criminals .The chapter also covers various stages of building a computer forensics laboratory 465_SG _CHFI_ 01.qxd 10/12/07 12:18 PM Page 3 Computer Forensics in Today's World • Chapter 1 The History of Forensics Forensics has been around since the dawn of justice Cavemen had justice in rules set to protect home and hearth Francis Galton (1822–1911) made the first recorded study of fingerprints,... forensic events, you see patterns of confidence in the forensic information recovered and analyzed.You will see in this study guide, today’s computer forensics is clearly a new pattern of confidence, acceptance, and analysis The Objectives of Computer Forensics Cyber activity has become an important part of the everyday lives of the general public According to the EC-Council, eighty-five percent of businesses... investigative report before concluding the investigation 6 The forensic investigator hands the sensitive report information to the client, who reviews it to see whether they want to press charges 7 The FI destroys any sensitive client data It is very important that a forensic investigator follows all of these steps and that the process contains no misinformation that could ruin his reputation or the reputation... information Assessing the Case: Detecting/Identifying the Event/Crime In any type of investigation, the computer forensic examiner must follow an investigation process.That process begins with the step of assessing the case, asking people questions, and documenting the results in an effort to identify the crime and the location of the evidence Computer investigations are conducted on two types of computers:... intellectual property theft/misuse happens or during employee disputes where there is damage to resources Legal Issues Damage & Defense It is not always possible for a computer forensics expert to separate the legal issues surrounding the evidence from the practical aspects of computer forensics (e.g. ,the issues related to authenticity, reliability, and completeness and convincing) .The approach of investigation... accounted for, from the time of collection to the time of presentation to the court Hence, it must meet the relevant evidence laws Permission When my company was broken into, I provided verbal permission to law enforcement to search my facility and locate the missing computers I also gave permission to turn on one of the computers where we confirmed the x-employee had broken into the building, stolen the computers, . a computer forensics laboratory. 465_SG _CHFI_ 01.qxd 10/12/07 12:18 PM Page 2 Computer Forensics in Today's World • Chapter 1 3 The History of Forensics Forensics has been around since the. within the corporate arena. In the HP case, several investigators were arrested, including legal counsel, for their actions. In this CHFI study guide, you will learn the concepts of computer forensics. to prepare for the EC-Council’s Computer Hacker Forensic Investigator exam.This chapter will review the objectives of computer forensics. It will also discuss computer- facilitated crimes, the reasons for