Windows Forensics: Understand Analysis Techniques for Your Windows

Easttom, Chuck, Butler, William, Phelan, Jessica

  • Publisher: Apress
  • Publication date: 2024-06-13
  • Price: $2,210
  • VIP price: $2,100 (95% of list price)
  • Language: English
  • Pages: 470
  • Binding: Quality Paper - also called trade paper
  • ISBN: 9798868801921
  • ISBN-13: 9798868801921
  • Not yet released; cannot be ordered

Product Description

This book is your comprehensive guide to Windows forensics. It covers the process of conducting a forensic investigation of systems that run Windows operating systems. It also includes analysis of incident response, recovery, and auditing of equipment used in executing any criminal activity.

The book covers Windows registry, architecture, and systems as well as forensic techniques, along with coverage of how to write reports, legal standards, and how to testify. It starts with an introduction to Windows followed by forensic concepts and methods of creating forensic images. You will learn Windows file artefacts along with Windows Registry and Windows Memory forensics. You will also learn to work with PowerShell scripting for forensic applications and Windows email forensics. Microsoft Azure and cloud forensics are discussed, and you will learn how to extract from the cloud. By the end of the book you will know data-hiding techniques in Windows and learn about Volatility and a Windows Registry cheat sheet.


What You Will Learn

  • Understand Windows architecture
  • Recover deleted files from Windows and the recycle bin
  • Use Volatility and PassMark Volatility Workbench
  • Utilize Windows PowerShell scripting for forensic applications


Who This Book Is For

Windows administrators, forensics practitioners, and those wanting to enter the field of digital forensics


About the Authors

Dr. Chuck Easttom is the author of 39 books, including several on computer security, forensics, and cryptography. He is also an inventor with 25 patents and the author of over 70 research papers. He holds a Doctor of Science in cyber security, a Ph.D. in Nanotechnology, a Ph.D. in computer science, and three master's degrees.

Dr. William Butler is Vice President of Academic Affairs and Executive Director of the Center for Cybersecurity Research and Analysis (CCRA) at Capitol Technology University (located in Laurel, Maryland). Before this appointment, Bill served as the Chair of Cybersecurity programs for eight years.

Jessica Phelan is a computer science graduate student at Vanderbilt University. She is currently doing research in natural language processing at the University of Texas at Austin.

Ramya Sai Bhagavatula is a Cybersecurity enthusiast and holds a Security+ Certification from CompTIA. She is currently working as an AI Engineer for a medical organization, Baylor Genetics, where she is using her AI expertise to work with genomic data to bring out valuable insights and predictions. She has previously worked for NASA as a Deep Learning Research Intern, where she developed deep learning models to effectively predict severe climate patterns. She was also a lead Data Analyst Intern at an arts organization, Houston Arts Alliance, where she was involved in analyzing in-depth patterns and providing recommendations for their future art grants. Through her dedication to continuous learning and professional development, she pursued her Master's in Data Analytics at UH and is currently pursuing her second Master's in Computer Science at Vanderbilt University. She is also 3x Microsoft Certified in AI and Data Engineering. She aspires for her future career path to involve Cybersecurity, Quantum Computing, and AI. In her free time, she loves to volunteer at local organizations to raise awareness about Computer Science among underprivileged school students. She has also received the Presidential Volunteer Service Award for her volunteer services.

Sean Steuber has a BS in Engineering from University of Alabama, an MS in Computer Science from Vanderbilt University, and eight years of professional computer science experience.

Karely Rodriguez is a first-generation DACA recipient and a woman pursuing STEM. She earned a Bachelor of Science in Computer Science and minored in Mathematics at the University of Washington and has continued her education in achieving a Master of Computer Science from Vanderbilt University.

Victoria Indy Balkissoon is working in the Naval Enterprise Research Data Science (N.E.R.D.S.) team at NAWCTSD Orlando where she currently works on developing software applications and data science solutions for the US Navy. She is also currently pursuing a Master's degree in Computer Science at Vanderbilt University.

Zehra Naseer has an MS in Computer Science from Vanderbilt University.







