Mastering Windows Network Forensics and Investigation, Second Edition
- 13h 39m
- Ryan Johnson, Scott Pearson, Steve Anson, Steve Bunting
- Sybex
- 2012
An authoritative guide to investigating high-technology crimes
Internet crime is seemingly ever on the rise, making the need for a comprehensive resource on how to investigate these crimes even more dire. This professional-level book--aimed at law enforcement personnel, prosecutors, and corporate investigators--provides you with the training you need in order to acquire the sophisticated skills and software solutions to stay one step ahead of computer criminals.
- Specifies the techniques needed to investigate, analyze, and document a criminal act on a Windows computer or network
- Places a special emphasis on how to thoroughly investigate criminal activity and now just perform the initial response
- Walks you through ways to present technically complicated material in simple terms that will hold up in court
- Features content fully updated for Windows Server 2008 R2 and Windows 7
- Covers the emerging field of Windows Mobile forensics
Also included is a classroom support package to ensure academic adoption, Mastering Windows Network Forensics and Investigation, 2nd Edition offers help for investigating high-technology crimes.
About the Authors
Steve Anson, CISSP, EnCE, is the cofounder of Forward Discovery. He has previously served as a police officer, FBI High Tech Crimes Task Force agent, Special Agent with the U.S. DoD, and an instructor with the U.S. State Department Antiterrorism Assistance Program (ATA). He has trained hundreds of law enforcement officers around the world in techniques of digital forensics and investigation.
Steve Bunting, EnCE, CCFT, has over 35 years of experience in law enforcement, and his background in computer forensics is extensive. He has conducted computer forensic examinations for numerous local, state, and federal agencies on a variety of cases, as well as testified in court as a computer forensics expert. He has taught computer forensics courses for Guidance Software and is currently a Senior Forensic Consultant with Forward Discovery.
Ryan Johnson, DFCP, CFCE, EnCE, SCERS, is a Senior Forensic Consultant with Forward Discovery. He was a digital forensics examiner for the Durham, NC, police and a Media Exploitation Analyst with the U.S. Army. He is an instructor and developer with the ATA.
Scott Pearson has trained law enforcement entities, military personnel, and network/system administrators in more than 20 countries for the ATA. He is also a certifying Instructor on the Cellebrite UFED Logical and Physical Analyzer Mobile Device Forensics tool and has served as an instructor for the DoD Computer Investigations Training Academy.
In this Book
-
Network Investigation Overview
-
The Microsoft Network Structure
-
Beyond the Windows GUI
-
Windows Password Issues
-
Windows Ports and Services
-
Live-Analysis Techniques
-
Windows Filesystems
-
The Registry Structure
-
Registry Evidence
-
Introduction to Malware
-
Text-Based Logs
-
Windows Event Logs
-
Logon and Account Logon Events
-
Other Audit Events
-
Forensic Analysis of Event Logs
-
Presenting the Results
-
The Challenges of Cloud Computing and Visualization