Computer Forensics Incident Response Essential (Paperback)
Warren G. Kruse II, Jay G. Heiser
- 出版商: Addison-Wesley Professional
- 出版日期: 2001-10-06
- 售價: $1,158
- 語言: 英文
- 頁數: 416
- 裝訂: Paperback
- ISBN: 0201707195
- ISBN-13: 9780201707199
Written by two experts in digital investigation, Computer Forensics provides extensive information on how to handle the computer as evidence. Kruse and Heiser walk the student through the complete forensics process蕞瞞rom the initial collection of evidence through the final report. Topics include an overview of the forensic relevance of encryption, the examination of digital evidence for clues, and the most effective way to present your evidence and conclusions in court. Unique forensic issues associated with both the Unix and the Windows NT/2000 operating systems are thoroughly covered.
Table of Contents
1. Introduction to Computer Forensics.
2. Tracking an Offender.
3. The Basics of Hard Drives and Storage.
4. Encryption and Forensics.
5. Data Hiding.
6. Hostile Code.
7. Your Electronic Toolkit.
8. Investigating Windows Computers.
9. Introduction to Unix for Forensic Examiners.
10. Compromising a Unix Host.
11. Investigating a Unix Host.
12. Introduction to the Criminal Justice System.
Appendix A. Internet Data Center Response Plan.
Appendix B. Incident Response Triage Questionnaire.
Appendix C. How to Become a Unix Guru.
Appendix D. Exporting a Windows 2000 Personal Certificate.
Appendix E. How to Crowbar Unix Hosts.
Appendix F. Creating a Linux Boot CD.
Appendix G. Contents of a Forensic CD.