Incident Response: Computer Forensics Toolkit

Douglas Schweitzer

  • Publisher: Hungry Minds
  • Publication date: 2003-05-02
  • List price: $1,740
  • VIP price: 9.5$1,653
  • Language: English
  • Pages: 345
  • Binding: Paperback
  • ISBN: 0764526367
  • ISBN-13: 9780764526367
  • Out of print



* Incident response and forensic investigation are the processes of detecting attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks
* This much-needed reference covers the methodologies for incident response and computer forensics, Federal Computer Crime law information and evidence requirements, legal issues, and working with law enforcement
* Details how to detect, collect, and eradicate breaches in e-mail and malicious code
* CD-ROM is packed with useful tools that help capture and protect forensic data; search volumes, drives, and servers for evidence; and rebuild systems quickly after evidence has been obtained

Table of Contents



  Chapter 1: Computer Forensics and Incident Response Essentials.

  Chapter 2: Addressing Law Enforcement Considerations.

  Chapter 3: Forensic Preparation and Preliminary Response.

  Chapter 4: Windows Registry, Recycle Bin, and Data Storage.

  Chapter 5: Analyzing and Detecting Malicious Code and Intruders.

  Chapter 6: Retrieving and Analyzing Clues.

  Chapter 7: Procedures for Collecting and Preserving Evidence.

  Chapter 8: Incident Containment and Eradication of Vulnerabilities.

  Chapter 9: Disaster Recovery and Follow-Up.

  Chapter 10: Responding to Different Types of Incidents.

  Chapter 11: Assessing System Security to Prevent Further Attacks.

  Chapter 12: Pulling It All Together.

  Appendix A: What’s on the CD-ROM.

  Appendix B: Commonly Attacked Ports.

  Appendix C: Field Guidance on USA Patriot Act 2001.

  Appendix D: Computer Records and the Federal Rules of Evidence.

  Appendix E: Glossary.