Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image
Have one to sell? Sell on Amazon

EnCase Computer Forensics, includes DVD: The Official EnCE: EnCase Certified Examiner Study Guide Paperback – December 5, 2007

ISBN-13: 978-0470181454 ISBN-10: 0470181451 Edition: 2nd
Buy used
Condition: Used - Good Details
Condition: Used: Good
Comment: Item is in good condition. May include some wear and creases on the cover. Fast shipping. Free delivery confirmation with every order.
Access codes and supplements are not guaranteed with used items.

Used & new from other sellers Delivery options vary per offer
56 used & new from $0.01
Amazon Price New from Used from
"Please retry"
Paperback, December 5, 2007
"Please retry"
$40.00 $0.01

Hero Quick Promo
Save up to 90% on Textbooks
Rent textbooks, buy textbooks, or get up to 80% back when you sell us your books. Shop Now

Editorial Reviews

From the Back Cover

Fully revised for the very latest EnCE exam and EnCase software

EnCE certification tells the world that you've not only mastered the use of EnCase Forensic Software, but also that you have acquired the in-depth forensics knowledge and techniques you need to conduct complex computer examinations. This official study guide, written by a law enforcement professional who is an expert in EnCE and computer forensics, provides the complete instruction, advanced testing software, and solid techniques you need to prepare for the exam.

Key topics include:

  • Understanding Computer Hardware. Understanding computer components, boot processes, partitions, and files systems, so you can explain them to a jury

  • First Response. What to do and how to follow procedures when first entering a scene

  • Acquisition of Digital Evidence. Creating EnCase boot disks; booting with EnCase boot disks; and drive-to-drive, network cable, FastBloc, Linen, and Enterprise acquisitions

  • EnCase Forensic Software Overview. Tour of EnCase environment including software, menus, and capabilities

  • Report Writing. Sample reports from real-life cases (names changed)

  • EnCase Legal Journal. Essential information on operating within the law and giving expert testimony

Look inside for complete coverage of all exam objectives.

About the Author

Steve Bunting, EnCE, CCFT, is a Captain with the University of Delaware Police Department where he is responsible for computer forensics, video forensics, and investigations involving computers. With over 30 years of experience in law enforcement, Steve has conducted computer forensic examinations for local, state, and federal agencies and has testified in court on numerous occasions as a computer forensics expert. He is coauthor of Mastering Windows Network Forensics and Investigation (Sybex).

Best Books of the Month
Best Books of the Month
Want to know our Editors' picks for the best books of the month? Browse Best Books of the Month, featuring our favorite new books in more than a dozen categories.

Product Details

  • Paperback: 648 pages
  • Publisher: Sybex; 2 edition (December 5, 2007)
  • Language: English
  • ISBN-10: 0470181451
  • ISBN-13: 978-0470181454
  • Product Dimensions: 7.5 x 1.4 x 9.3 inches
  • Shipping Weight: 2.2 pounds
  • Average Customer Review: 4.1 out of 5 stars  See all reviews (34 customer reviews)
  • Amazon Best Sellers Rank: #497,047 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

4.1 out of 5 stars

Most Helpful Customer Reviews

44 of 45 people found the following review helpful By Richard Bejtlich on October 9, 2006
Format: Paperback
I decided to read and review three digital forensics books in order to gauge their strengths and weaknesses: "File System Forensic Analysis" (FSFA) by Brian Carrier, "Windows Forensics" (WF) by Chad Steel, and "EnCase Computer Forensics" (ECF) by Steve Bunting and William Wei. All three books contain the word "forensics" in the title, but they are very different. If you want authoritative and deeply technical guidance on understanding file systems, read FSFA. If you want to focus on understanding Windows from an investigator's standpoint, read WA. If you want to know more about EnCase (and are willing to tolerate or ignore information about forensics itself), read ECF.

In the spirit of full disclosure I should mention I am co-author of a forensics book ("Real Digital Forensics") and Brian Carrier cites my book "The Tao of Network Security Monitoring" on p 10. I tried to not let those facts sway my reviews.

In terms of overall book value, ECF is the weakest of the three previously mentioned -- but it is the only book on EnCase. As such it is the one independent book which will help you understand the king of the commercial forensics world. I was particularly interested in using the accompanying DVD, which offered a demo version of EnCase. I did encounter the same limitations as mentioned in previous reviews, but I was able to at least perform most of the numbered exercises in the text. I thought the fairly crippled version of EnCase packaged with the book was a drawback, but I know Guidance Software is paranoid about even discussing their product outside of their training environment.

As far as covering EnCase goes, ECF is a pretty good book. I am an EnCase newbie, but I was able to follow most of the book's discussion of the product's interface.
Read more ›
2 Comments Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
10 of 10 people found the following review helpful By ForensicFocus.com on June 29, 2006
Format: Paperback
Steve Bunting is the head of the police computer forensics unit in Delaware and, together with co-author William Wei, a computer crime detective in New Jersey, has written an outstanding book which should find a place on every computer forensic examiner's bookshelf - even the bookshelves of those who rarely, if ever, use EnCase as a forensic tool.

This is a fairly thick book at 500 plus pages and a quick flick through reveals that the text is satisfyingly dense and interspersed with a generous number of screenshots. This is certainly not one of those technology books which tries to impress by its sheer physical size but disappoints once opened to reveal a large font and too much white space!

Although the title bills this book as "The Official EnCE EnCase Certified Examiner Study Guide" there is a huge amount of information contained within which will be of use to both the experienced investigator and keen student regardless of their forensic tool of choice. Bunting starts with a concise yet remarkably clear and in depth discussion of computer hardware in chapter 1. After covering a wide range of components he moves on to the boot process, then partitions and filesystems (in general). Even at this early stage it is clear that Bunting can write, and write well. In addition to the depth of knowledge he displays his tone is engaging and he possesses a remarkable ability to describe somewhat complicated technical subject matter with great clarity. Each chapter ends with a summary and an overview of those aspects of the EnCE exam covered, together with a set of review questions (provided, along with many of the "real world scenario" sections, by co-author William Wei).
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
12 of 13 people found the following review helpful By W. Ng on June 20, 2006
Format: Paperback
Bought the book some 3 weeks ago and had gone through the entire book.

The contents are good and beneficial, but the provided evaluation Encase version 5 is not working properly.

Many of the exercises stated in the book cannot be carried out because those necessary features needed are not activated in the provided software. But the book said the provided software is constructed for us to go through all the exercises in preparation for the Phase II practical test.

Wrote a complaint to the publisher and they acknowledged the errors in the software but then they do nothing to resolve it...I sort of feeling being cheated and it seems like it is a strategy they are using to force us to spend the huge sum of money to buy the commercial Encase software.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
4 of 4 people found the following review helpful By David Grossman on March 21, 2006
Format: Paperback
Great book! Whether you are going for your EnCE certification or just getting started in the hot field of computer forensics this is a great place to start. This book takes you from the basic computer components (However - If you don't know what a CPU is at this point you better do a lot more reading and get out of your house every once in a while) through the depths of capturing and reporting data. The authors of this book sprinkle in real life law enforcement experience which makes this book much more that just a "tech manual".

Encase is a very powerful piece of software used by most large law enforcement agencies and corporations that perform computer forensics. This book will show you how to collect data (evidence), understand the data EnCase presents and report on it.

I would recommend it for anyone interested in the computer forensics and how computers really work and store data.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews