FREE Delivery in the UK.
Only 1 left in stock (more on the way).
Dispatched from and sold by Amazon.
Gift-wrap available.
A Guide to Forensic Testi... has been added to your Basket
Condition: Used: Good
Comment: Used Good condition book may have signs of cover wear and/or marks on corners and page edges. Inside pages may have highlighting, writing and underlining. All purchases eligible for Amazon customer service and a 30-day return policy.
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

A Guide to Forensic Testimony: The Art and Practice of Presenting Testimony as an Expert Witness: The Art and Practice of Presenting Testimony as an Expert Technical Witness Paperback – 9 Oct 2002

See all formats and editions Hide other formats and editions
Amazon Price New from Used from
"Please retry"
£30.95 £14.65

Product details

  • Paperback: 560 pages
  • Publisher: Addison Wesley; 1 edition (9 Oct. 2002)
  • Language: English
  • ISBN-10: 0201752794
  • ISBN-13: 978-0201752793
  • Product Dimensions: 18.8 x 3 x 23.1 cm
  • Average Customer Review: 5.0 out of 5 stars  See all reviews (1 customer review)
  • Amazon Bestsellers Rank: 2,011,813 in Books (See Top 100 in Books)
  • See Complete Table of Contents

More About the Author

Discover books, learn about writers, and more.

Product Description

From the Back Cover

Information technology is an increasingly large factor in legal proceedings. In cases large and small, from the U.S. Government's antitrust suit against Microsoft Corporation, to civil lawsuits filed over the failure of a network, to criminal cases in which the authenticity of electronic evidence is questioned, the testimony of a technical expert is essential. But in order to be effective, an expert technical witness needs much more than an understanding of the technology in question.

A Guide to Forensic Testimony is the first book to address the specific needs of the IT expert witness. It will arm you with the tools you need to testify effectively. Inside you'll find everything from an overview of basic witness responsibilities and challenges to a deeper exploration of what produces successful technical testimony. Written by a computer security authority who has served as a technical witness, and a trial attorney who focuses on how digital evidence and computer forensics are altering litigation, this book is your guide to the complicated forensic landscape that awaits the expert technical witness.

This book contains a wealth of wisdom and experience from the front lines, including firsthand accounts of the challenges faced by expert technical witnesses, practical in-court examples, and helpful advice. Among the topics covered are:

  • The evolution of the expert IT witness and the growing legal dependence on technical expertise
  • Legal criteria established to determine the qualifications and abilities of a technical expert to stand as a witness
  • The kinds of cases and problems that are apt to be encountered in digital forensic assignments
  • Damage caused when the rules of professionalism and ethics are ignored or misapplied
  • The construction and maintenance of a solid professional relationship between expert and attorney
  • The creation and use of visual tools in courtroom testimony
  • Ways to improve the demeanor and non-verbal communication skills of the technical witness

Whether you are an information technologist asked to serve as an expert witness, a legal professional who works with information technology experts, a corporate risk manager, or a client whose interests are affected by the performance of IT experts, you will benefit greatly from A Guide to Forensic Testimony.


About the Author

Fred Chris Smith is an experienced trial attorney who directed economic crime prosecutions for four consecutive New Mexico state attorneys general. For nearly twenty years he has also provided education and training programs throughout the country and abroad, in digital evidence and computer forensics. He has been involved as an attorney, business advisor, and teacher with information technology and legal professionals who are encountering the rapidly changing problems presented by electronic evidence in criminal cases, in the investigation of corporate network fraud and abuse, and in civil litigation. He currently serves as an Assistant United States Attorney.

Rebecca Gurley Bace is a recognized network security authority and consultant. Her career includes work with the National Security Agency, where her contribution to building the national intrusion detection research community earned her an NSA Distinguished Leadership Award. After the NSA, she became the Deputy Security Officer for the Computing Information and Communications Division of the Los Alamos National Laboratory, where she was responsible for one of the world's most complex security-critical computing environments. She is currently President/CEO of Infidel, Inc., and a Venture Partner for Trident Capital. Bace is the author of Intrusion Detection (Macmillan Technical Publishing, 2000).


Customer Reviews

5.0 out of 5 stars
5 star
4 star
3 star
2 star
1 star
See the customer review
Share your thoughts with other customers

Most Helpful Customer Reviews

Format: Paperback
Really informative, more information than other available books. It gives step by step imstruction on how to prepare yourself for court both with evidence and personal appearence including how to act.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Helpful Customer Reviews on (beta) 11 reviews
5 of 5 people found the following review helpful
Leads through a legal minefield 29 Jun. 2004
By Mike Tarrani - Published on
Format: Paperback
After reading this book - more than once, I might add, I came away with a few impressions:
(1) Law and the legal domain are as logic-driven as the IT profession for which this book is written.
(2) What may make perfect common sense to a non-legal professional is not necessarily in line with the legal view.
(3) The scope of this book goes far beyond how to present forensic testimony as an IT security professional.
The authors establish a context for what it means to be an expert witness, and the basics (testimony, key cases to lay groundwork, and illustrating examples).
By chapter 4, Understanding the Rules of the Game, you may find yourself mired down in more detail than you think necessary; however, it is within the morass of details where you'll start to see the complexity of the legal process. And complex it is. The dissection of key cases, how experts made a difference (either way), and cited cases that show how the law is evolving are necessary background information for any IT professional, either as an expert witness, as a plaintiff, or as a defendant.
If you do wind up in court as a witness (expert or not) in a security, contract or other case (criminal or legal), turn to chapters 9 (testimony), 11 (demeanor and credibility), and 12 (non-verbal communication). These will quickly prep you. If you are going as an expert witness I advise you to cram, especially every chapter starting with Chapter 5.
Who else should read this book? Any IT professional who is involved with contracts, quality, consulting, or product development. Chances are you may wind up in court at some point, and this material is as applicable in many cases to anyone called as a witness as it is to expert witnesses.
While this book is not easy to plow through, and the details may seem to fine-grained or to overwhelming, it will prepare you for your day in court.
4 of 4 people found the following review helpful
Should be much thinner, but informative nonetheless 14 Dec. 2002
By Richard Bejtlich - Published on
Format: Paperback
My four star rating of "A Guide to Forensic Testimony" (AGTFT) is based on the text's novelty and its desire to truly help expert witnesses. Anyone who expects to testify regarding technical issues will benefit from reading this book, although they could learn just as much by reading the "Cliff Notes" version.

AGTFT shines in certain respects. Chapter 2's excerpts from Bill Gates' testimony in Microsoft's trial, chapter 4's description of the roles of expert witnesses, and chapter 8's discussion of expert witness qualifications were excellent. Succinct, educational guidance on producing effective visual aids appeared in chapter 10. I also appreciated the wisdom Gene Spafford shared with readers in chapter 13.

Elsewhere, however, I repeatedly question the dozens of pages devoted to irrelevant digressions. Before chapter one even begins, the reader is faced by 45 pages of preface, introductions, and so on. Once in the main text, the reader must contend with far too many lengthy excerpts from court decisions. I'm sure the authors and editors wrestled with the problem of how much of each reference should be included. Unfortunately, they erred on the side of too many citations. Many are simply silly -- "We sometimes don't imagine so because of the main enemy of human compassion, sloth." Good grief. I also didn't need to read about Viagra, cattle guards, Houdini, "grinners," aikido, "the unbroken circle," and other topics and metaphors intended to convey the author's intentions.

AGTFT is a good book, but I recommend waiting for someone else to read and highlight it. Then, piggyback on that person's work and pay attention to the main points. Incidentally, my copy, already highlighted, stays in my library.
2 of 2 people found the following review helpful
Very good book, but a bit wordy. 2 Sept. 2003
By Eric Kent - Published on
Format: Paperback
This is a very good book, but a bit wordy.
The authors go into a lot of legal detail. If you are not a lawyer, you can skip these sections, which make up about a third of the book.
But besides that, it is a very good book.
Very comprehensive guide 20 Dec. 2002
By Dr Anton Chuvakin - Published on
Format: Paperback
This book might sound like the most boring security book that was ever written. It is also full of confusing and hard to read
legalese. However, security professionals that might have to deal with law enforcement due to various information security incidents (that means everybody, sooner or later) will have to buy and read it anyway and will be happy they did. The content of the book is simply exclusive. Many of the security books simply collect stuff found on the Internet and package it together - this book shines like a solid gold of unique author's experiences and research.
The interesting thing that while the book tries to convince the reader that doing expert testimony on computer security subjects might be a good thing, it is not clear that every reader will indeed be convinced of that upon reading it. The whole legal system thing is just too big and very different from other IT security professional responsibilities, so that the book might actually project the opposite impression - namely, don't mess with it. The "duty" might not be motivating enough to take a stand and testify, suffer from cross-examination, etc. Understandably, it might be good for professional reputation. It also sees from the book that such reputation can also be destroyed by the expert testimony.
The book first provides a complete history of expert testimony in
various fields, naturally leading the reader to the computer security case. The authors (Rebecca Bace is a renowned expert in the field of security) have clearly done their homework extremely well and managed to present their findings just as well.
The coverage of relevant material seems to be exceptional as
well. Relationship with lawyers, with police, other government bodies, pseudo scientists is all covered in the book.
The book also has many real-life examples, such as from 'US vs
Microsoft' and other recent and famous cases where IT and infosec were involved. It also has some fun fictitious examples, such as 'An Expert's Dream' and 'An Expert's Nightmare' cases, that illustrate the pitfalls of the process.
Overall, its not a fun book to read, but if you find yourself needing to face the courtroom - there is probably no better resource to prepare.
Anton Chuvakin, Ph.D., GCIA is a Senior Security Analyst with a major information security company. His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time he maintains his security portal
Too little known effort that explains the essence of forensics testimony 16 Jun. 2008
By Jerry Saperstein - Published on
Format: Paperback Verified Purchase
This is an under-appreciated book. I've met only one person in my area (computer forensics) who had heard of it. Of all the lawyers, judges and other forensics experts I've mentioned it to, none had ever heard of it - which is a pity. This book attempts to explain what an expert technical witness does and how they should be employed.

The lay public, in general, has a distorted view of the value of forensic data and how it is used. While the general press is loaded with stories of DNA, the more mundane aspects of forensics deal with things like why a metal support may have failed or, in my area, determining if certain data existed in a computer storage device. Billions of dollars can be at risk when a technical expert witness testifies - and all too often, the witness, the lawyers, the judge and (if there is one) the jury are clueless to some extent.

This book tries to educate the technical expert witness as to their responsibilities to the court. Most expert witnesses I've encountered don't have a clue as to the judicial rules they operate under: this book, much to its credit, explains the basics.

"A Guide To Forensic Testimony" does have it weaknesses. It tries to cover too much territory, I think, such as "non-verbal communication". While telling someone not to pick their nose while testifying is important, this kind of book may not be the appropriate place. (The example, by the way, doesn't appear in the book, but the suggestions offered are just as elementary.)

On the whole, this is an interesting, helpful book which every technical expert who may be called upon to testify would benefit from reading. Be prepared, however, for a slow read. The authors' writing style is a bit pedantic.

Were these reviews helpful? Let us know