Investigating Hard Disks, File and Operating Systems provides a basic understanding of file systems, hard disks and digital media devices. Boot processes, Windows and Linux Forensics and application of password crackers are all discussed.
Chapter 1, Understanding File Systems and Hard Disks, provides an overview of disk drives and then delves deeper into hard disks. Coverage also includes physical data storage and various file systems in use on computer systems.
Chapter 2, Understanding Digital Media Devices, focuses on the different types of data that can be stored on digital media devices, including older digital media such as magnetic tapes and floppy disks to new digital media such as CDs, DVDs, digital audio players, and flash drives.
Chapter 3, Windows, Linux, and Macintosh Boot Processes, covers basic information about the boot process for various operating systems including MS-DOS, Windows, Linux, and Mac OS.
Chapter 4, Windows Forensics I, covers the different types of volatile and nonvolatile information an investigator can collect from a Windows system including detail about collecting and analyzing data in memory, the registry, and files.
Chapter 5, Windows Forensics II, continues the discussion from Chapter 4 by covering events and event logs, password and authentication issues, and various popular Window forensic tools.
Chapter 6, Linux Forensics, explains not only how to perform forensics with a Linux system as a target, but also why it can be beneficial to use a Linux system in other investigations.
Chapter 7, Application Password Crackers, covers tools used in password recovery, ways to bypass BIOS passwords, methods for removing CMOS batteries, and Windows XP/2000/NT keys.