Computer System Storage Fundamentals
by Chris Prosise, Kevin Mandia, and Matt Pepe
This excerpt is reprinted with permission from McGraw-Hill, copyright 2003. For more information or to order the book, click here.
Written by FBI insiders, this book offers a look at the legal, procedural, and technical steps of incident response and computer forensics. Including chapters on forensic analysis and remediation, and real-world case studies. It further describes how to counteract and conquer today's hack attacks.
Before you can dive head first into exciting investigations involving computer intrusions from foreign countries, international money-laundering schemes, foreign state-sponsored agents, or who posted your purity test score to Usenet, you need to have a solid understanding of basic computer hardware, software, and operating systems.
This chapter focuss on system storage—hard drives and the file systems on those drives. It begins with an overview of the various hard drive interface standards and how they affect your forensic duplications (including how to avoid the destruction of expensive SCSI hardware.) Then it covers how to prepare hard drive media for use during your investigation. The final section introduces the principles and organization of data storage.