CengageBrain.com online ordering is suspended for maintenance from 5th - 10th November 2014.

You can not place orders online during this time. For urgent queries please call Customer Services on +44 (0) 1264 342932 or email: emea.cengagebrain@cengage.com


Guide to Computer Forensics and Investigations 4e

ISBN-13: 9781435498839 / ISBN-10: 1435498836

Bill Nelson, IT Forensics, Inc.
Amelia Phillips, Highline Community College
Christopher Steuart, ITForensics, Inc. and University of Washington
Published by Cengage Learning, ©2010
Available Now

Learners will master the skills necessary to launch and complete a successful computer investigation with the updated fourth edition of this popular book, GUIDE TO COMPUTER FORENSICS AND INVESTIGATIONS. This resource guides readers through conducting a high-tech investigation, from acquiring digital evidence to reporting its findings. Updated coverage includes new software and technologies as well as up-to-date reference sections. Learn how to set up a forensics lab, how to acquire the proper and necessary tools, and how to conduct the investigation and subsequent digital analysis. The book features free downloads of the latest forensic software, so readers can become familiar with the tools of the trade.


  • STEP-BY-STEP EXPLANATIONS: Provides explanations on how to use the most popular forensic tools.
  • EXPANDED DISCUSSION ON ETHICS, COMPUTER FORENSICS AND THE LAW: Provides specific guidance on dealing with civil and criminal matters relating to the law and technology.
  • COMPUTER FORENSICS OPERATIONS METHODOLOGIES: Discussions on how to manage a corporate computer forensics operation in today’s business environment.
  • EXTENSIVE LEARNING TOOLS: Review Questions, Hands-On Projects, and Case Projects that allow readers to practice skills they have learned.
  • FREE SOFTWARE: Free software works with running case studies, giving readers the opportunity to test their new skills and tying the content to professional practice. Videos of drive acquisitions and related activities for computer forensics are also included on the DVD.

1: Computer Forensics and Investigation Processes.
2: Understanding Computing Investigations.
3: The Investigator’s Office and Laboratory.
4: Data Acquisitions.
5: Processing Crime and Incident Scenes.
6: Working with Windows and DOS Systems.
7: Current Computer Forensics Tools.
8: Macintosh and Linux Boot Processes and File Systems.
9: Computer Forensics Analysis.
10: Recovering Graphics Files.
11: Virtual Machines, Network Forensics, and Live Acquisitions.
12: E-mail Investigations.
13: Cell Phone and Mobile Device Forensics.
14: Report Writing for High-Tech Investigations.
15: Expert Testimony in High-Tech Investigations.
16: Ethics and High-Tech Investigations.
Appendix A: Certification and Testing Processes for Computer Forensics.
Appendix B: ComputerForensics References.
Appendix C: Computer Forensics Lab Configuration.
Appendix D: DOS-Based Computer Forensics Tools.
  • Updated to include Vista.
  • Expanded discussion on Microsoft’s NTFS and MFT.
  • Advance NTFS data carving techniques.
  • Updated tools and applications references for the computing forensics examiner.
  • Updated reference sections for computing forensics resources.
Bill Nelson
Bill Nelson has been a computer forensics examiner for a Fortune 50 company for the past 12 years and has developed high-tech investigation programs for professional organizations and colleges. His previous experience includes AFIS software engineering and reserve police work.

Amelia Phillips
Amelia Phillips is a graduate of the Massachusetts Institute of Technology and has worked for more than 30 years in government, private industry, and academics. She has designed distance education classes and e-commerce, computer forensics, and network security programs at several community colleges. Amelia is Chair of the Pure and Applied Science Division at Highline Community College, a Fulbright Scholar, and a recent PhD in computer security.

Christopher Steuart
Christopher Steuart is one of the founders and the staff attorney for IT Forensics.com. Previously, he was an information systems security specialist for a Fortune 50 company and the United States government. Chris resides in Seattle, Washington.