- Published on Amazon.com
This is an interesting book that will most likely not be helpful to many people. What I mean by this is that Digital Triage Forensics (DTF) is about responding to a battlefield scene and preserving the evidence, while getting valuable intel as quickly as possible. Performing exams on the battlefield isn't something you're going to do unless you want to get shot by a sniper, mortared, etc., so the standard Computer Forensic Field Triage Process Model (CFFTPM) is not the best choice, which is why DTF has been developed.
Chapter 4, "Using the DTF Model to Process Digital Media," has some nice information in it for someone looking for introductory material to the computer forensics field. DTF explains the differences between physical and logical drives with a library analogy, the hardware needed to conduct an exam, and some software available for use to help throughout the exam. The material is delivered in an easy-to-understand manner, but again, it's basic.
Chapter 5, "Using the DTF Model to Collect and Process Cell Phones and SIM Cards," was a decent chapter on cell phone collections, but again, no groundbreaking research here. There are some tools covered that show they are certainly worthy of being mentioned, such as the HTCI Isolation Chamber. However, there is not much presented here that is not covered in the introductory-level books on mobile forensics.
Nitpicking: This section is to just list some small complaints I have with the book. DTF uses many acronyms and if you're not familiar with the terms already, you may get them mixed up or just plain forget their meaning; some examples would include WIT, WTI, CEXC, LRCT, IDIP, DCSA, AOR, TTP, CITP, NGIC, INSCOM, NCOIC. The examples mentioned were from four pages I randomly flipped to. There were also a decent number of typos or grammar mistakes in this publishing. Some as simple as copying the sentence used one sentence ago and changing a few minor parts of it to compare the differences of two objects, while not removing all the parts from the previous sentence. For example: X is a good tool for reasons a, b, and c. Y is a good is a nice tool for c, d, and e. Do you notice the mistake? I find these types of mistakes annoying and distracting.
As someone working in the corporate environment, I don't see this material being of much use to me personally, other than as a talking point and furthering my knowledge on the environment other examiners face. I could see this book holding value for law enforcement that deals with high-risk situations. Another beneficial audience of this book could be soldiers who have an interest in entering the field on a Weapon Intelligence Team (WIT) or are going to be training soldiers. This would provide a solid foundation for what is to be expected of the soldier.
Pictures are included in the book, which is a nice break from all the words on a page, but I found myself wondering as to why some pictures were included.
Overall, it was easy reading and nothing technical; I found the book to be interesting, but if you're looking for knowledge you can put to use in a non-battlefield environment, look elsewhere. I give this a 3/5, because if you read this for entertainment or had some interest in the topic, it wasn't going to bore you to sleep (too quickly). However, this information just isn't practical for anyone outside of the battlefield (which includes some law enforcement).
(This review can also be found on my website.)