iv
Kevin wishes to thank his mother, Sally; girlfriend, Loredana; and daughter,Aspen, all of whom are sources
of his inspiration. Kevin holds a master’s degree from Southern Methodist University and is a member of the
IEEE and ACM. Kevin currently resides in Cornwall, England.
Marcus J. Carey (CISSP, CTT+) is the president of Sun Tzu Data, a leading information assurance and infras-
tructure architecture firm based out of central Maryland. Marcus’ specialty is network architecture, network secu-
rity, and network intrusion investigations. He served over eight years in the U.S. Navy’s cryptology field. During
his military service Marcus engineered, monitored, and defended the U.S. Department of Defense’s secure net-
works.
Marcus holds a master’s degree from Capitol College, where he also serves as professor of information assur-
ance. Marcus currently resides in central Maryland with his family, Mandy, Erran, Kaley, and Christopher.
Timothy Clinton has held multiple roles in the EDD/ESI vendor space. He is currently employed as forensics
operations manager for the National Technology Center division of Document Technologies, Inc. (DTI), a major
ESI service. Since joining the DTI team, Mr. Clinton has served in multiple roles, including EDD production
manager, technical architect, and forensic investigator. He has conducted and managed investigations for numerous
civil cases regarding matters for Fortune 50 of law. Mr. Clinton’s most notable achievement while at DTI is being
responsible for the design and implementation of a showcase data forensics laboratory in Atlanta, Georgia.
Edward Collins (CISSP, CEH, Security+, MCSE:Security, MCT) is a senior security analyst for CIAN, Inc.,
where he is responsible for conducting penetration tests, threat analysis, and security audits. CIAN (www.cian-
center.com) provides commercial businesses and government agencies with all aspects of information security
management, including access control, penetration testing, audit procedures, incident response handling, intrusion
detection, and risk management. Edward is also a training consultant, specializing in MCSE and Security+ certifi-
cations. Edward’s background includes positions as information technology manager at Aurora Flight Sciences and
senior information technology consultant at Titan Corporation.
James “Jim” Cornell (CFCE, CISSP, CEECS) is an employee of Computer Sciences Corp. (CSC) and an
instructor/course developer at the Defense Cyber Investigations Training Academy (DCITA), which is part of the
Defense Cyber Crime Center (DC3) in Maryland. At the academy he teaches network intrusions and investiga-
tions, online undercover techniques, and advanced log analysis. He has over 26 years of law enforcement and over
35 years of electronics and computer experience. He is a member/coach of the International Association of
Computer Investigative Specialists (IACIS) and a member of the International Information Systems Forensics
Association (IISFA) and the International Information Systems Security Certification Consortium (ISC2). He is
currently completing the Certified Technical Trainer (CTT+) process and is a repeat speaker at the annual
Department of Defense Cyber Crime Conference.
He would like to thank his mother for more than he can say, his wife for her patience and support, and
Gilberto for being the best friend ever.
Michael Cross (MCSE, MCP+I, CNA, Network+) is an internet specialist/programmer with the Niagara
Regional Police Service. In addition to designing and maintaining the Niagara Regional Police’s Web site
(www.nrps.com) and intranet, he has also provided support and worked in the areas of programming, hardware,
database administration, graphic design, and network administration. In 2007, he was awarded a Police
Commendation for work he did in developing a system to track high-risk offenders and sexual offenders in the
Niagara Region. As part of an information technology team that provides support to a user base of over 1,000
civilian and uniformed users, his theory is that when the users carry guns, you tend to be more motivated in
solving their problems.
Michael was the first computer forensic analyst in the Niagara Regional Police Service’s history, and for five
years he performed computer forensic examinations on computers involved in criminal investigations.The com-
puters he examined for evidence were involved in a wide range of crimes, inclusive to homicides, fraud, and pos-
session of child pornography. In addition to this, he successfully tracked numerous individuals electronically, as in
cases involving threatening e-mail. He has consulted and assisted in numerous cases dealing with computer-
related/Internet crimes and served as an expert witness on computers for criminal trials.
Michael has previously taught as an instructor for IT training courses on the Internet, Web development, pro-
gramming, networking, and hardware repair. He is also seasoned in providing and assisting in presentations on
