Practical Windows Forensics (eBook)

eBook Download: EPUB
2016
322 Seiten
Packt Publishing (Verlag)
978-1-78355-410-2 (ISBN)

Lese- und Medienproben

Practical Windows Forensics - Ayman Shaaban, Konstantin Sapronov
Systemvoraussetzungen
43,19 inkl. MwSt
  • Download sofort lieferbar
  • Zahlungsarten anzeigen

Leverage the power of digital forensics for Windows systems

About This Book

  • Build your own lab environment to analyze forensic data and practice techniques.
  • This book offers meticulous coverage with an example-driven approach and helps you build the key skills of performing forensics on Windows-based systems using digital artifacts.
  • It uses specific open source and Linux-based tools so you can become proficient at analyzing forensic data and upgrade your existing knowledge.

Who This Book Is For

This book targets forensic analysts and professionals who would like to develop skills in digital forensic analysis for the Windows platform. You will acquire proficiency, knowledge, and core skills to undertake forensic analysis of digital data.

Prior experience of information security and forensic analysis would be helpful. You will gain knowledge and an understanding of performing forensic analysis with tools especially built for the Windows platform.

What You Will Learn

  • Perform live analysis on victim or suspect Windows systems locally or remotely
  • Understand the different natures and acquisition techniques of volatile and non-volatile data.
  • Create a timeline of all the system actions to restore the history of an incident.
  • Recover and analyze data from FAT and NTFS file systems.
  • Make use of various tools to perform registry analysis.
  • Track a system user's browser and e-mail activities to prove or refute some hypotheses.
  • Get to know how to dump and analyze computer memory.

In Detail

Over the last few years, the wave of the cybercrime has risen rapidly. We have witnessed many major attacks on the governmental, military, financial, and media sectors. Tracking all these attacks and crimes requires a deep understanding of operating system operations, how to extract evident data from digital evidence, and the best usage of the digital forensic tools and techniques. Regardless of your level of experience in the field of information security in general, this book will fully introduce you to digital forensics. It will provide you with the knowledge needed to assemble different types of evidence effectively, and walk you through the various stages of the analysis process.

We start by discussing the principles of the digital forensics process and move on to show you the approaches that are used to conduct analysis. We will then study various tools to perform live analysis, and go through different techniques to analyze volatile and non-volatile data.

Style and approach

This is a step-by-step guide that delivers knowledge about different Windows artifacts. Each topic is explained sequentially, including artifact analysis using different tools and techniques. These techniques make use of the evidence extracted from infected machines, and are accompanied by real-life examples.


Leverage the power of digital forensics for Windows systemsAbout This BookBuild your own lab environment to analyze forensic data and practice techniques.This book offers meticulous coverage with an example-driven approach and helps you build the key skills of performing forensics on Windows-based systems using digital artifacts.It uses specific open source and Linux-based tools so you can become proficient at analyzing forensic data and upgrade your existing knowledge.Who This Book Is ForThis book targets forensic analysts and professionals who would like to develop skills in digital forensic analysis for the Windows platform. You will acquire proficiency, knowledge, and core skills to undertake forensic analysis of digital data.Prior experience of information security and forensic analysis would be helpful. You will gain knowledge and an understanding of performing forensic analysis with tools especially built for the Windows platform.What You Will LearnPerform live analysis on victim or suspect Windows systems locally or remotelyUnderstand the different natures and acquisition techniques of volatile and non-volatile data.Create a timeline of all the system actions to restore the history of an incident.Recover and analyze data from FAT and NTFS file systems.Make use of various tools to perform registry analysis.Track a system user's browser and e-mail activities to prove or refute some hypotheses.Get to know how to dump and analyze computer memory.In DetailOver the last few years, the wave of the cybercrime has risen rapidly. We have witnessed many major attacks on the governmental, military, financial, and media sectors. Tracking all these attacks and crimes requires a deep understanding of operating system operations, how to extract evident data from digital evidence, and the best usage of the digital forensic tools and techniques. Regardless of your level of experience in the field of information security in general, this book will fully introduce you to digital forensics. It will provide you with the knowledge needed to assemble different types of evidence effectively, and walk you through the various stages of the analysis process.We start by discussing the principles of the digital forensics process and move on to show you the approaches that are used to conduct analysis. We will then study various tools to perform live analysis, and go through different techniques to analyze volatile and non-volatile data.Style and approachThis is a step-by-step guide that delivers knowledge about different Windows artifacts. Each topic is explained sequentially, including artifact analysis using different tools and techniques. These techniques make use of the evidence extracted from infected machines, and are accompanied by real-life examples.
Erscheint lt. Verlag 29.6.2016
Sprache englisch
Themenwelt Informatik Netzwerke Sicherheit / Firewall
ISBN-10 1-78355-410-X / 178355410X
ISBN-13 978-1-78355-410-2 / 9781783554102
Haben Sie eine Frage zum Produkt?
EPUBEPUB (Adobe DRM)
Größe: 43,7 MB

Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM

Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belle­tristik und Sach­büchern. Der Fließ­text wird dynamisch an die Display- und Schrift­größe ange­passt. Auch für mobile Lese­geräte ist EPUB daher gut geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine Adobe-ID und die Software Adobe Digital Editions (kostenlos). Von der Benutzung der OverDrive Media Console raten wir Ihnen ab. Erfahrungsgemäß treten hier gehäuft Probleme mit dem Adobe DRM auf.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine Adobe-ID sowie eine kostenlose App.
Geräteliste und zusätzliche Hinweise

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
Das Praxishandbuch zu Krisenmanagement und Krisenkommunikation

von Holger Kaschner

eBook Download (2024)
Springer Fachmedien Wiesbaden (Verlag)
34,99
Methodische Kombination von IT-Strategie und IT-Reifegradmodell

von Markus Mangiapane; Roman P. Büchler

eBook Download (2024)
Springer Vieweg (Verlag)
42,99