Investigating the Cyber Breach: The Digital Forensics Guide for the Network Engineer (Paperback)

Joseph Muniz

商品描述

Investigating the Cyber Breach

The Digital Forensics Guide for the Network Engineer

 

·         Understand the realities of cybercrime and today’s attacks

·         Build a digital forensics lab to test tools and methods, and gain expertise

·         Take the right actions as soon as you discover a breach

·         Determine the full scope of an investigation and the role you’ll play

·         Properly collect, document, and preserve evidence and data

·         Collect and analyze data from PCs, Macs, IoT devices, and other endpoints

·         Use packet logs, NetFlow, and scanning to build timelines, understand network activity, and collect evidence

·         Analyze iOS and Android devices, and understand encryption-related obstacles to investigation

·         Investigate and trace email, and identify fraud or abuse

·         Use social media to investigate individuals or online identities

·         Gather, extract, and analyze breach data with Cisco tools and techniques

·         Walk through common breaches and responses from start to finish

·         Choose the right tool for each task, and explore alternatives that might also be helpful

 

 

 

 

The professional’s go-to digital forensics resource for countering attacks right now

Today, cybersecurity and networking professionals know they can’t possibly prevent every breach, but they can substantially reduce risk by quickly identifying and blocking breaches as they occur. Investigating the Cyber Breach: The Digital Forensics Guide for the Network Engineer is the first comprehensive guide to doing just that.

 

Writing for working professionals, senior cybersecurity experts Joseph Muniz and Aamir Lakhani present up-to-the-minute techniques for hunting attackers, following their movements within networks, halting exfiltration of data and intellectual property, and collecting evidence for investigation and prosecution. You’ll learn how to make the most of today’s best open source and Cisco tools for cloning, data analytics, network and endpoint breach detection, case management, monitoring, analysis, and more.

 

Unlike digital forensics books focused primarily on post-attack evidence gathering, this one offers complete coverage of tracking threats, improving intelligence, rooting out dormant malware, and responding effectively to breaches underway right now.

 

 

This book is part of the Networking Technology: Security Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.

 

 

商品描述(中文翻譯)

「調查網絡入侵:網絡工程師的數位取證指南」

「調查網絡入侵:網絡工程師的數位取證指南」是第一本全面指南,針對當下的攻擊,提供專業人士在追蹤攻擊者、阻止資料和智慧財產外洩、以及收集證據進行調查和起訴方面的最新技術。

撰寫給專業人士的資安和網絡專家Joseph Muniz和Aamir Lakhani,提供了最新的技術,用於追蹤攻擊者在網絡中的行動、阻止資料外洩、收集證據進行調查和起訴。您將學習如何充分利用當今最佳的開源和Cisco工具,進行克隆、數據分析、網絡和終端入侵檢測、案件管理、監控、分析等。

與主要關注攻擊後證據收集的數位取證書籍不同,本書全面涵蓋了追蹤威脅、提高情報、查找休眠的惡意軟體,以及對當前入侵做出有效回應的內容。

本書是Cisco「網絡技術:安全系列」的一部分。