Product: 1593277938

This is an interesting and practical book in the acquisition, management and preservation of disk images for digital evidence. It is also a technical procedural guide to using the Linux platform and open-source solutions for forensic image acquisition and evidence preservation. The author does a great job of organizing the subject matters into a logical progression from setting up a platform, planning and preparations, acquisition to post acquisition activities. It also serves as a cookbook of tasks that can be used as a reference manual later. The tools used in the book are open-source, command-line based, which promotes the practical reduction of the cost of these forensic activities.

Overall, this is a very readable, well-structured guide that is well suited to both experienced forensic investigators who want to advance the Linux command-line skills in performing their forensic work, as well as Linux/Unix administrators who want to learn digital forensic skills.
Rating: 5
1593277938
Count: 7