Digital Forensics Basics: A Practical Guide Using Windows OS
Hassan, Nihad A.
- Publisher: Apress
- Publication date: 2019-02-26
- List price: $1,575
- Sale price: 20% off, $1,260
- Language: English
- Pages: 335
- Binding: Quality Paper - also called trade paper
- ISBN: 1484238370
- ISBN-13: 9781484238370
Product description
Use this hands-on, introductory guide to understand and implement digital forensics to investigate computer crime using Windows, the most widely used operating system. This book provides you with the necessary skills to identify an intruder's footprints and to gather the necessary digital evidence in a forensically sound manner to prosecute in a court of law.
Directed toward users with no experience in the digital forensics field, this book provides guidelines and best practices when conducting investigations as well as teaching you how to use a variety of tools to investigate computer crime. You will be prepared to handle problems such as law violations, industrial espionage, and use of company resources for private use.
Digital Forensics Basics is written as a series of tutorials with each task demonstrating how to use a specific computer forensics tool or technique. Practical information is provided and users can read a task and then implement it directly on their devices. Some theoretical information is presented to define terms used in each technique and for users with varying IT skills.
What You'll Learn
- Assemble computer forensics lab requirements, including workstations, tools, and more
- Document the digital crime scene, including preparing a sample chain of custody form
- Differentiate between law enforcement agency and corporate investigations
- Gather intelligence using OSINT sources
- Acquire and analyze digital evidence
- Conduct in-depth forensic analysis of Windows operating systems covering Windows 10-specific feature forensics
- Utilize anti-forensic techniques, including steganography, data destruction techniques, encryption, and anonymity techniques
Who This Book Is For
Police and other law enforcement personnel, judges (with no technical background), corporate and nonprofit management, IT specialists and computer security professionals, incident response team members, IT military and intelligence services officers, system administrators, e-business security professionals, and banking and insurance professionals
About the author
Nihad A. Hassan is an independent information security consultant, digital forensics and cybersecurity expert, online blogger, and book author. He has been actively conducting research on different areas of information security for more than a decade and has developed numerous cybersecurity education courses and technical guides. He has completed several technical security consulting engagements involving security architectures, penetration testing, computer crime investigation, and cyber open source intelligence (OSINT). Nihad has authored five books and scores of information security articles for various global publications. He also enjoys being involved in security training, education, and motivation. His current work focuses on digital forensics, anti-forensics techniques, digital privacy, and cyber OSINT. He covers different information security topics and related matters on his security blog (DarknessGate) and recently launched a dedicated site for open source intelligence resources at (OSINT.link). Nihad has a bachelor of science honors degree in computer science from the University of Greenwich in the United Kingdom. He can be followed on Twitter (@DarknessGate), and you can connect to him via LinkedIn (DarkenessGate).