Windows Forensics (eBook)
XXIII, 470 Seiten
Apress (Verlag)
979-8-8688-0193-8 (ISBN)
This book is your comprehensive guide to Windows forensics. It covers the process of conducting or performing a forensic investigation of systems that run on Windows operating systems. It also includes analysis of incident response, recovery, and auditing of equipment used in executing any criminal activity.
The book covers Windows registry, architecture, and systems as well as forensic techniques, along with coverage of how to write reports, legal standards, and how to testify. It starts with an introduction to Windows followed by forensic concepts and methods of creating forensic images. You will learn Windows file artefacts along with Windows Registry and Windows Memory forensics. And you will learn to work with PowerShell scripting for forensic applications and Windows email forensics. Microsoft Azure and cloud forensics are discussed and you will learn how to extract from the cloud. By the end of the book you will know data-hiding techniques in Windows and learn about volatility and a Windows Registry cheat sheet.
What Will You Learn
- Understand Windows architecture
- Recover deleted files from Windows and the recycle bin
- Use volatility and PassMark volatility workbench
- Utilize Windows PowerShell scripting for forensic applications
Who This Book Is For
Windows administrators, forensics practitioners, and those wanting to enter the field of digital forensics
Dr. Chuck Easttom is the author of 39 books, including several on computer security, forensics, and cryptography. He is also an inventor with 25 patents and the author of over 70 research papers. He holds a Doctor of Science in cyber security, a Ph.D. in Nanotechnology, a Ph.D. in computer science, and three master's degrees.
Dr. William Butler is Vice President of Academic Affairs and Executive Director of the Center for Cybersecurity Research and Analysis (CCRA) at Capitol Technology University (Located in Laurel, Maryland). Before this appointment, Bill served as the Chair of Cybersecurity programs for eight years.
Jessica Phelan is a computer science graduate student at Vanderbilt University. She is currently doing research in natural language processing at the University of Texas at Austin.
Ramya Sai Bhagavatula is a Cybersecurity enthusiast and holds a Security+ Certification from CompTIA. She is currently working as an AI Engineer for a medical organization, Baylor Genetics, where she is using her AI expertise to work with genomic data to bring out valuable insights and predictions. She has previously worked for NASA as a Deep Learning Research Intern, where she developed deep learning models to effectively predict severe climate patterns. She was also a lead Data Analyst Intern at an arts organization, Houston Arts Alliance, where she was involved in analyzing in-depth patterns and providing recommendations for their future art grants. Through her dedication to continuous learning and professional development, she pursued her Master's in Data Analytics at UH and is currently pursuing her second Master's in Computer Science at Vanderbilt University. She is also 3x Microsoft Certified in AI and Data Engineering. She aspires for her future career path to involve Cybersecurity, Quantum Computing, and AI. In her free time, she loves to volunteer at local organizationsto raise awareness about Computer Science among underprivileged school students. She has also received the Presidential Volunteer Service Award for her volunteer services.
Sean Steuber has a BS in Engineering from University of Alabama, an MS in Computer Science from Vanderbilt University, and eight years of professional computer science experience.
Karely Rodriguez is a first-generation DACA recipient and a woman pursuing STEM. She earned a Bachelor's of Science in Computer Science and minored in Mathematics at the University of Washington and has continued her education in achieving a Masters of Computer Science from Vanderbilt University.
Victoria Indy Balkissoon is working in the Naval Enterprise Research Data Science (N.E.R.D.S.) team at NAWCTSD Orlando where she currently works on developing software applications and data science solutions for the US NAVY. She is also currently pursuing a Master's degree inComputer Science at Vanderbilt University.
Zehra Naseer has an MS in Ccmputer Science from Vanderbilt University.
This book is your comprehensive guide to Windows forensics. It covers the process of conducting or performing a forensic investigation of systems that run on Windows operating systems. It also includes analysis of incident response, recovery, and auditing of equipment used in executing any criminal activity.The book covers Windows registry, architecture, and systems as well as forensic techniques, along with coverage of how to write reports, legal standards, and how to testify. It starts with an introduction to Windows followed by forensic concepts and methods of creating forensic images. You will learn Windows file artefacts along with Windows Registry and Windows Memory forensics. And you will learn to work with PowerShell scripting for forensic applications and Windows email forensics. Microsoft Azure and cloud forensics are discussed and you will learn how to extract from the cloud. By the end of the book you will know data-hiding techniques in Windows and learn about volatility and a Windows Registry cheat sheet.What Will You LearnUnderstand Windows architectureRecover deleted files from Windows and the recycle binUse volatility and PassMark volatility workbenchUtilize Windows PowerShell scripting for forensic applicationsWho This Book Is ForWindows administrators, forensics practitioners, and those wanting to enter the field of digital forensics
Erscheint lt. Verlag | 29.5.2024 |
---|---|
Zusatzinfo | XXIII, 470 p. 300 illus. |
Sprache | englisch |
Themenwelt | Mathematik / Informatik ► Informatik ► Software Entwicklung |
Schlagworte | Artifacts • Azure • cloud forensics • Email • PowerShell • security • WINDOWS |
ISBN-13 | 979-8-8688-0193-8 / 9798868801938 |
Informationen gemäß Produktsicherheitsverordnung (GPSR) | |
Haben Sie eine Frage zum Produkt? |
Größe: 30,6 MB
DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasserzeichen und ist damit für Sie personalisiert. Bei einer missbräuchlichen Weitergabe des eBooks an Dritte ist eine Rückverfolgung an die Quelle möglich.
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich