Saturday, March 14, 2009

Computer Forensics for Dummies


"Computer Forensics for Dummies", by Linda Volonino and Reynaldo Anzaldua.

I picked up a copy of this book and read through it.  I have to say, I was pleasantly surprised.  However, most of the "Dummies" books are well written, this one stands out for tackling a fairly  exotic subject matter and pulls it off.

The authors do an excellent job of providing a beginning framework for conducting computer forensic investigations and the book has a lot of practical advice.  Especially in the area of the process.

The authors also do an excellent job of explaining in plain language, the concepts of computer forensics and the methods used to both hide and recover data.

While the book does not go into technical depth, that is actually a good thing.  If I were teaching an introductory course in computer forensics, I would probably select this book as my course textbook.

I would also recommend this book to attorneys who want to know enough about computer forensics to hire and work with an expert.

For those who are looking for a general process for investigating computer evidence, the book is a very good resource.  Better than the majority of the computer forensics books on the market in that respect.

The problem with most computer forensics books is that they assume a level of knowledge.  Computer Forensics for Dummies only assumes that you have a little understanding of computers and does an excellent job of providing introductory concepts in computer forensics.

If you approach the book as I think it is intended, as a survey of computer forensics, then I think you will be very pleased with the information in the book.

If you think it is going to make you a computer forensics expert, it can only serve as a starting point for a lot of future training and education.  It is not intended to be a highly technical or legal or investigative book.  As far as I can tell, it does just what it sets out to do; give a very solid overview of computer forensics.

However, don't sell it short.  Some of the advice in the book is excellent.  And the process outline for conducting computer forensic examinations is quite good.

The other plus about the book is that it is written very well and is an easy read.  For students or anyone for that matter, who is interested in the computer forensics field, it is well worth the  price.