3 options
Windows forensic analysis : DVD toolkit, / Harlan Carvey.
- Format:
- Book
- Author/Creator:
- Carvey, Harlan A.
- Language:
- English
- Subjects (All):
- Computer crimes--Investigation--United States--Methodology.
- Computer crimes.
- Computer networks--Security measures.
- Computer networks.
- Internet--Security measures.
- Internet.
- Computer security.
- Microsoft Windows (Computer file)--Security measures.
- Microsoft Windows (Computer file).
- Physical Description:
- 1 online resource (386 p.)
- Edition:
- 1st ed.
- Place of Publication:
- Burlington, MA : Syngress Pub., c2007.
- Language Note:
- English
- Summary:
- The only book available on the market that addresses and discusses in-depth forensic analysis of Windows systems. Windows Forensic Analysis DVD Toolkit takes the reader to a whole new, undiscovered level of forensic analysis for Windows systems, providing unique information and resources not available anywhere else. This book covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. This book also brings this material to the doorstep of system administrators, who
- Contents:
- Cover; Contents; Preface; Chapter 1: Live Response: Collecting Volatile Data; Introduction; Live Response; What Data to Collect; Nonvolatile Information; Live-Response Methodologies; Chapter 2: Live Response: Data Analysis; Introduction; Data Analysis; Chapter 3: Windows Memory Analysis; Introduction; Dumping Physical Memory; Analyzing a Physical Memory Dump; Collecting Process Memory; Chapter 4: Registry Analysis; Introduction; Inside the Registry; Registry Analysis; Chapter 5: File Analysis; Introduction; Event Logs; File Metadata; Alternative Methods of Analysis
- Chapter 6: Executable File AnalysisIntroduction; Static Analysis; Dynamic Analysis; Chapter 7: Rootkits and Rootkit Detection; Introduction; Rootkits; Rootkit Detection; Index
- Notes:
- "Incident response and cybercrime investigation secrets"--Cover.
- Includes bibliographical references and index.
- ISBN:
- 1-281-11265-8
- 9786611112653
- 0-08-055644-2
- OCLC:
- 476126401
The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.