Incident Response and Computer Forensics, 2/e (Paperback)
Chris Prosise, Kevin Mandia, Matt Pepe
- 出版商: McGraw-Hill Education
- 出版日期: 2003-07-17
- 售價: $2,180
- 貴賓價: 9.5 折 $2,071
- 語言: 英文
- 頁數: 507
- 裝訂: Paperback
- ISBN: 007222696X
- ISBN-13: 9780072226966
已過版
買這商品的人也買了...
-
$980$774 -
$1,900$1,805 -
$690$587 -
$750$638 -
$760$600 -
$590$466 -
$750$585 -
$1,740$1,653 -
$680$537 -
$1,560$1,482 -
$690$538 -
$720$562 -
$720$569 -
$640$576 -
$750$675 -
$560$504 -
$2,350$2,233 -
$480$379 -
$780$616 -
$490$382 -
$720$648 -
$5,130$4,874 -
$420$332 -
$700$630 -
$480$432
相關主題
商品描述
Completely Updated with the Latest Techniques--Contains All-New Forensics Content and Real-World Scenarios
An insiders look at the legal, procedural and technical steps of computer forensics and analysis. --Information Security magazine
This book is an absolute must-read for anyone who plays a role in responding to computer security events. --Marc J. Zwillinger, former trial attorney with the U.S. Dept. of Justice, Computer Crime & Intellectual Property
An excellent resource for information on how to respond to computer intrusions and conduct forensic investigations. --Network Magazine
If your job requires you to review the contents of a computer system for evidence of unauthorized or unlawful activities, this is the book for you. The authors, through real-world experiences, demonstrate both technically and procedurally the right way to perform computer forensics and respond to security incidents. --Howard A. Schmidt, Former Special Advisor for Cyber Security, White House, and former Chief Security Officer, Microsoft Corp.
New and Updated Material:
- New real-world scenarios throughout
- The latest methods for collecting live data and investigating Windows and
UNIX systems
- Updated information on forensic duplication
- New chapter on emergency network security monitoring
- New chapter on corporate evidence handling procedures
- New chapter on data preparation with details on hard drive interfaces and
data storage principles
- New chapter on data extraction and analysis
- The latest techniques for analyzing network traffic
- Up-to-date methods for investigating and assessing hacker tools
Foreword by former FBI Special Agent Scott Larson
Contents
Part I: Overview
Ch. 1: Case
Study
Ch. 2: The Incident Response Process
Ch. 3: Preparing for Incident Response
Part II: Data Collection
Ch. 4: Data
Collection From Windows
Ch. 5: Data Collection from Unix
Ch. 6: Forensic Duplication
Ch. 7:
Network Traffic Collection
Ch. 8: Data Collection from
Other Sources
Ch. 9: Evidence Handling
Part III: Forensic Analysis
Ch. 10:
Physical Analysis
Ch. 11: Data Analysis
Ch. 12: Analysis of Windows
Systems
Ch. 13: Unix
Part IV:
Analysis of Other Evidence
Ch. 14: Investigation of
Routers
Ch. 15: Investigation of Web Servers
Ch. 16: Investigation of Application Servers
Ch. 17: Analysis of Network
Traces
Ch. 18: Investigating Hacker Tools
Part V: Remediation
Ch. 19: Reporting
and Documentation
Ch. 20: Developing an Incident
Response Plan
Ch. 21: Establishing Identify in
Cyberspace
Ch. 22: Data
Recovery