Network Forensics

Ric Messier

  • Publisher: Wiley
  • Publication date: 2017-08-07
  • List price: $1,980
  • Sale price: $1,881 (95% of list price)
  • Language: English
  • Pages: 360
  • Binding: Paperback
  • ISBN: 1119328284
  • ISBN-13: 9781119328285
  • Related category: Computer-networks
  • Ships immediately (stock < 3)

Product Description

Intensively hands-on training for real-world network forensics

Network Forensics provides a uniquely practical guide for IT and law enforcement professionals seeking a deeper understanding of cybersecurity. This book is hands-on all the way—by dissecting packets, you gain fundamental knowledge that only comes from experience. Real packet captures and log files demonstrate network traffic investigation, and the learn-by-doing approach relates the essential skills that traditional forensics investigators may not have. From network packet analysis to host artifacts to log analysis and beyond, this book emphasizes the critical techniques that bring evidence to light.

Network forensics is a growing field, and is becoming increasingly central to law enforcement as cybercrime becomes more and more sophisticated. This book provides an unprecedented level of hands-on training to give investigators the skills they need.

  • Investigate packet captures to examine network communications
  • Locate host-based artifacts and analyze network logs
  • Understand intrusion detection systems—and let them do the legwork
  • Have the right architecture and systems in place ahead of an incident

Network data is always changing, and is never saved in one place; an investigator must understand how to examine data over time, which involves specialized skills that go above and beyond memory, mobile, or data forensics. Whether you're preparing for a security certification or just seeking deeper training for a law enforcement or IT role, you can only learn so much from concept; to thoroughly understand something, you need to do it. Network Forensics provides intensive hands-on practice with direct translation to real-world application.
