Incident Response & Computer Forensics, 2nd Ed. / Edition 2

by Kevin Mandia, Chris Prosise, Matt Pepe
     
 


Overview

Completely Updated with the Latest Techniques—Contains All-New Forensics Content and Real-World Scenarios

"An insider's look at the legal, procedural and technical steps of computer forensics and analysis." —Information Security magazine

"This book is an absolute must-read for anyone who plays a role in responding to computer security events." —Marc J. Zwillinger, former trial attorney with the U.S. Dept. of Justice, Computer Crime & Intellectual Property

"An excellent resource for information on how to respond to computer intrusions and conduct forensic investigations." —Network Magazine

"If your job requires you to review the contents of a computer system for evidence of unauthorized or unlawful activities, this is the book for you. The authors, through real-world experiences, demonstrate both technically and procedurally the right way to perform computer forensics and respond to security incidents." —Howard A. Schmidt, Former Special Advisor for Cyber Security, White House, and former Chief Security Officer, Microsoft Corp.

New and Updated Material:

  • New real-world scenarios throughout
  • The latest methods for collecting live data and investigating Windows and UNIX systems
  • Updated information on forensic duplication
  • New chapter on emergency network security monitoring
  • New chapter on corporate evidence handling procedures
  • New chapter on data preparation with details on hard drive interfaces and data storage principles
  • New chapter on data extraction and analysis
  • The latest techniques for analyzing network traffic
  • Up-to-date methods for investigating and assessing hacker tools

Foreword by former FBI Special Agent Scott Larson


Product Details

ISBN-13: 9780072226966
Publisher: McGraw-Hill Professional Publishing
Publication date: 07/17/2003
Series: Security Series
Edition description: Second Edition
Pages: 544
Product dimensions: 7.50(w) x 9.20(h) x 1.10(d)

Table of Contents

Foreword
Acknowledgments
Introduction
1. Real-World Incidents
2. Introduction to the Incident Response Process
3. Preparing for Incident Response
4. After Detection of an Incident
5. Live Data Collection from Windows Systems
6. Live Data Collection from Unix Systems
7. Forensic Duplication
8. Collecting Network-based Evidence
9. Evidence Handling
10. Computer System Storage Fundamentals
11. Data Analysis Techniques
12. Investigating Windows Systems
13. Investigating Unix Systems
14. Analyzing Network Traffic
15. Investigating Hacker Tools
16. Investigating Routers
17. Writing Computer Forensic Reports
A. Answers to Questions
B. Incident Response Forms
Index
