Bristol Community College

Computer Information Systems Department

CIT 155 - Intro to Computer Forensics

Spring 2019 Handouts and Assignments

Recommended Textbook

Investigating Windows Systems
Author: Harlan Carvey
Paperback ISBN-13: 9780128114155
ISBN-10: 0128114150
eBook ISBN: 9780128114162
Publisher: Academic Press; 1 edition (August 2018)

Highly recommended Digital Forensics books online

pdfdrive.com/computer-forensics-books.html. In paricular,
Computer Forensics & Digital Investigation with EnCase Forensic v7
Computer Forensics: Investigating Hard Disks, File and Operating Systems
Incident Response & Computer Forensics 3rd Edition

Lectures

  1. Computer Crimes (handout)
  2. Google Search (handout)
  3. Digital Evidence (handout)
  4. The Investigative Process in Computer Forensics (handout)
  5. Important Laws and Statutes (handout)
  6. Investigative Methodology (handout)
  7. Preparation for digital evidence examination (handout)
  8. Evidence Collection and Preservation (handout)
  9. Forensic Accounting (handout)
  10. Overview of Computer forensics
  11. Hardware ( handout)
  12. Disk Drives (handout)
  13. Botnets (handout)

Forensic Images for Exercises

  1. dd_images.zip
  2. Beryls_Thumbdrive.zip -- zipped image of a thumbdrive
  3. CandaceDoeFloppy.zip -- zipped image of a floppy with the acquisition hash value.

Software Downloads

  1. winhex15.zip
  2. AccessData FTK Imager Lite

Reference

  1. Bits, Bytes, Hex, and FAT file system (handout)
  2. Forensic Laboratory: Using ProDiscover Basic
  3. Step-by-Step EnCase Media Examination (handout)
  4. FAT Overview ( handout )
  5. Forensic Examination of Digital Evidence: A Guide for Law Enforcement . In particular, look at page 24, where the case brief report sample begins.
  6. Algorithm For Creating Social Security Numbers -- online article
  7. CD/DVD Disc Labeling

Sample Forensic Reports

  1. REPORT1.DOC
  2. REPORT2.DOC
  3. REPORT3.DOC
  4. BASICRPT.DOC
  5. REPORT5.DOC
  6. BIOS and Harddrive Acquisition Form
  7. chain_of_custody.rtf blank
  8. chain_of_custody_sample.rtf sample
  9. TechnicalBackgrounders.doc Addendum