The Role of Computer Forensics in Stopping Executive Fraud is a very interesting case study article illustrating various forensic concepts and techniques based around what the author says is a very real case study involving corporate fraud.
I found especially interesting some of the actual Linux command lines they used to both wipe and image data.
# > dd if=/dev/urandom of=/dev/hda
This fills a harddrive with random numbers; can and should be repeated a number of times to sanitize a drive. DD is native to Linux.
# > dd if=/dev/hda of=/mnt/image.dd
This command copies an image of one drive to another.
# > md5sum /dev/hd
Calculates a checksum for the drive. Md5sum is native to Linux.
# > md5sum /mnt/image.dd
Calculates a checksum for the image to verify that it is the same as the drive.