
Computer forensics : infoSec Pro guide /

Security Smarts for the Self-Guided IT Professional. Find out how to excel in the field of computer forensics investigations. Learn what it takes to transition from an IT professional to a computer forensic examiner in the private sector. Written by a Certified Information Systems Security Profession...


Bibliographic Details
Classification: Electronic Book
Main author: Cowen, David
Format: Electronic eBook
Language: English
Published: New York : McGraw-Hill, [2013]
Series: InfoSec Pro guide
Subjects:
Online access: Full text (requires prior registration with institutional email)

MARC

LEADER 00000cam a2200000Mi 4500
001 OR_ocn852469265
003 OCoLC
005 20231017213018.0
006 m o d
007 cr |n|||||||||
008 130405s2013 nyu o 000 0 eng d
040 |a S4S  |b eng  |e rda  |e pn  |c S4S  |d OCLCO  |d UMI  |d IDEBK  |d TEFOD  |d DEBSZ  |d COO  |d B24X7  |d YDXCP  |d TEFOD  |d OCLCF  |d OCLCQ  |d OCLCA  |d EBLCP  |d TOH  |d OCLCQ  |d N$T  |d D6H  |d LIV  |d CZL  |d DST  |d OCLCO  |d OCLCQ  |d OCLCO 
019 |a 852680926  |a 867877930  |a 889240658  |a 1084387389  |a 1227045070  |a 1295604374  |a 1300469445  |a 1303317115 
020 |a 9780071742467  |q (electronic bk.) 
020 |a 0071742468  |q (electronic bk.) 
020 |z 9780071742450 
020 |z 007174245X 
020 |z 0071742468 
029 1 |a AU@  |b 000052007273 
029 1 |a AU@  |b 000053295756 
029 1 |a DEBBG  |b BV041430989 
029 1 |a DEBSZ  |b 398268088 
029 1 |a AU@  |b 000066230389 
035 |a (OCoLC)852469265  |z (OCoLC)852680926  |z (OCoLC)867877930  |z (OCoLC)889240658  |z (OCoLC)1084387389  |z (OCoLC)1227045070  |z (OCoLC)1295604374  |z (OCoLC)1300469445  |z (OCoLC)1303317115 
037 |a CL0500000222  |b Safari Books Online 
037 |a D3A5F22C-C68B-44E5-A271-E8F198BF4310  |b OverDrive, Inc.  |n http://www.overdrive.com 
050 4 |a HV8079.C65  |b C68 2013 
072 7 |a COM  |2 ukslc 
072 7 |a JKVF1  |2 bicssc 
072 7 |a UR  |2 bicssc 
072 7 |a UT  |2 bicssc 
072 7 |a UTN  |2 bicssc 
082 0 4 |a 363.25/968  |2 23 
049 |a UAMI 
100 1 |a Cowen, David. 
245 1 0 |a Computer forensics :  |b infoSec Pro guide /  |c David Cowen. 
264 1 |a New York :  |b McGraw-Hill,  |c [2013] 
300 |a 1 online resource. 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
347 |a text file 
490 0 |a InfoSec Pro guide 
520 |a Security Smarts for the Self-Guided IT Professional Find out how to excel in the field of computer forensics investigations. Learn what it takes to transition from an IT professional to a computer forensic examiner in the private sector. Written by a Certified Information Systems Security Professional, Computer Forensics: InfoSec Pro Guide is filled with real-world case studies that demonstrate the concepts covered in the book. You'll learn how to set up a forensics lab, select hardware and software, choose forensic imaging procedures, test your tools, capture evidence from different sources, 
504 |a Includes bibliographical references. 
505 0 |a Cover -- About the Author -- Title Page -- Copyright Page -- Contents at a Glance -- Contents -- Acknowledgments -- Introduction -- Who Should Read This Book -- What This Book Covers -- How to Use This Book -- How Is This Book Organized? -- About the Series -- Lingo -- IMHO -- Budget Note -- In Actual Practice -- Your Plan -- Into Action -- Part I: Getting Started -- Chapter 1: What Is Computer Forensics? -- What You Can Do with Computer Forensics -- How People Get Involved in Computer Forensics -- Law Enforcement -- Military -- University Programs -- IT or Computer Security Professionals -- Incident Response vs. Computer Forensics -- How Computer Forensic Tools Work -- Types of Computer Forensic Tools -- Professional Licensing Requirements -- Chapter 2: Learning Computer Forensics -- Where and How to Get Training -- Law Enforcement Training -- Corporate Training -- Where and How to Get Certified -- Vendor Certifications -- Vendor-Neutral Certifications -- Staying Current -- Conferences -- Blogs -- Forums -- Podcasts -- Associations -- Chapter 3: Creating a Lab -- Choosing Where to Put Your Lab -- Access Controls -- Electrical Power -- Air Conditioning -- Privacy -- Gathering the Tools of the Trade -- Write Blockers -- Drive Kits -- External Storage -- Screwdriver Kits -- Antistatic Bags -- Adaptors -- Forensic Workstation -- Choosing Forensic Software -- Open Source Software -- Commercial Software -- Storing Evidence -- Securing Your Evidence -- Organizing Your Evidence -- Disposing of Old Evidence -- Part II: Your First Investigation -- Chapter 4: How to Approach a Computer Forensics Investigation -- The Investigative Process -- What Are You Being Asked to Find Out? -- Where Would the Data Exist? -- What Applications Might Have Been Used in Creating the Data? -- Should You Request to Go Beyond the Scope of the Investigation?. 
505 8 |a Testing Your Hypothesis -- Step 1. Define Your Hypothesis -- Step 2. Determine a Repeatable Test -- Step 3. Create Your Test Environment -- Step 4. Document Your Testing -- The Forensic Data Landscape -- Active Data -- Unallocated Space -- Slack Space -- Mobile Devices -- External Storage -- What Do You Have the Authority to Access -- Who Hosts the Data? -- Who Owns the Device? -- Expectation of Privacy -- Chapter 5: Choosing Your Procedures -- Forensic Imaging -- Determining Your Comfort Level -- Forensic Imaging Method Pros and Cons -- Creating Forms and Your Lab Manual -- Chain of Custody Forms -- Request Forms -- Report Forms -- Standard Operating Procedures Manual -- Chapter 6: Testing Your Tools -- When Do You Need to Test -- Collecting Data for Public Research or Presentations -- Testing a Forensic Method -- Testing a Tool -- Where to Get Test Evidence -- Raw Images -- Creating Your Own Test Images -- Forensic Challenges -- Learn Forensics with David Cowen on YouTube -- Honeynet Project -- DC3 Challenge -- DFRWS Challenge -- SANS Forensic Challenges -- High School Forensic Challenge -- Collections of Tool Testing Images -- Digital Forensic Tool Testing Images -- NIST Computer Forensics Reference Data Sets Images -- The Hacking Case -- NIST Computer Forensics Tool Testing -- Chapter 7: Live vs. Postmortem Forensics -- Live Forensics -- When Live Forensics Is the Best Option -- Tools for Live Forensics -- Postmortem Forensics -- Postmortem Memory Analysis -- Chapter 8: Capturing Evidence -- Creating Forensic Images of Internal Hard Drives -- FTK Imager with a Hardware Write Blocker -- FTK Imager with a Software Write Blocker -- Creating Forensic Images of External Drives -- FTK Imager with a USB Write Blocker -- FTK Imager with a Software Write Blocker -- Software Write Blocking on Linux Systems -- Creating Forensic Images of Network Shares. 
505 8 |a Capturing a Network Share with FTK Imager -- Mobile Devices -- Servers -- Chapter 9: Nontraditional Digital Forensics -- Breaking the Rules: Nontraditional Digital Forensic Techniques -- Volatile Artifacts -- Malware -- Encrypted File Systems -- Challenges to Accessing Encrypted Data -- Mobile Devices: Smart Phones and Tablets -- Solid State Drives -- Virtual Machines -- Part III: Case Examples: How to Work a Case -- Chapter 10: Establishing the Investigation Type and Criteria -- Determining What Type of Investigation Is Required -- Human Resources Cases -- Administrator Abuse -- Stealing Information -- Internal Leaks -- Keyloggers and Malware -- What to Do When Criteria Causes an Overlap -- What to Do When No Criteria Matches -- Where Should the Evidence Be? -- Did This Occur over the Network? -- Nothing Working? Create a Super Timeline -- Chapter 11: Human Resources Cases -- Results of a Human Resource Case -- How to Work a Pornography Case -- Pornography Case Study -- How to Investigate a Pornography Case -- How to Work a Productivity Waste Case -- Chapter 12: Administrator Abuse -- The Abuse of Omniscience -- Scenario 1: Administrator Runs a Pornographic Site Using Company Resources -- Beginning an Investigation -- The Web Server's Role in the Network -- Directories -- Virtual Servers -- Virtual Directories -- Scenario 2: Exploiting Insider Knowledge Against an Ex-employer -- A Private Investigator Calls... -- As if They're Reading Our Minds... -- What a Network Vulnerability Assessment Can Reveal -- E-mail Data Review and Server Restoration -- Stepping Up Your Game: Knowledge Meets Creativity -- Chapter 13: Stealing Information -- What Are We Looking For? -- Determining Where the Data Went -- LNK Files -- Shellbags -- Scenario: Recovering Log Files to Catch a Thief -- Chapter 14: Internal Leaks -- Why Internal Leaks Happen. 
505 8 |a Investigating Internal Leaks -- Reviewing the Registry Files -- Identifying LNK Files -- Wrapping Up the Investigation -- Using File System Meta-data to Track Leaked or Printed Materials -- Chapter 15: Keyloggers and Malware -- Defining Keyloggers and Malware -- How to Detect Keyloggers and Malware -- Registry Files -- Prefetch Files -- Keyword Searches -- Handling Suspicious Files -- Determining How an Infection Occurred -- What We Know About This Infection -- What We Know About the Keylogger -- Identifying What Data Was Captured -- Finding Information About the Attacker -- What We Know About the Attacker -- Where to Find More About the Attacker -- Part IV: Defending Your Work -- Chapter 16: Documenting Your Findings with Reports -- Documenting Your Findings -- Who Asked You to Undertake the Investigation -- What You Were Asked to Do -- What You Reviewed -- What You Found -- What Your Findings Mean -- Types of Reports -- Informal Report -- Incident Report -- Internal Report -- Declaration -- Affidavit -- Explaining Your Work -- Define Technical Terms -- Provide Examples in Layperson Terms -- Explain Artifacts -- Chapter 17: Litigation and Reports for Court and Exhibits -- Important Legal Terms -- What Type of Witness Are You? -- Fact Witness -- Expert Consultant -- Expert Witness -- Special Master -- Neutral -- Writing Reports for Court -- Declarations in Support of Motions -- Expert Reports -- Creating Exhibits -- Working with Forensic Artifacts -- InfoSec Pro Series: Glossary -- Index. 
546 |a English. 
590 |a O'Reilly  |b O'Reilly Online Learning: Academic/Public Library Edition 
650 0 |a Computer crimes  |x Investigation. 
650 0 |a Computer security. 
650 0 |a Forensic sciences. 
650 2 |a Computer Security 
650 2 |a Forensic Sciences 
650 6 |a Sécurité informatique. 
650 6 |a Criminalistique. 
650 6 |a Criminalité informatique  |x Enquêtes. 
650 7 |a forensic science.  |2 aat 
650 7 |a Computer crimes  |x Investigation  |2 fast 
650 7 |a Computer security  |2 fast 
650 7 |a Forensic sciences  |2 fast 
776 0 8 |i Print version:  |a Cowen, David.  |t Computer forensics.  |d New York : McGraw-Hill, [2013]  |z 9780071742450  |w (DLC) 2013010672  |w (OCoLC)836748319 
856 4 0 |u https://learning.oreilly.com/library/view/~/9780071742450/?ar  |z Texto completo (Requiere registro previo con correo institucional) 
938 |a ProQuest Ebook Central  |b EBLB  |n EBL6256604 
938 |a ProQuest Ebook Central  |b EBLB  |n EBL4958695 
938 |a Books 24x7  |b B247  |n bks00056209 
938 |a ProQuest MyiLibrary Digital eBook Collection  |b IDEB  |n cis26088603 
938 |a YBP Library Services  |b YANK  |n 12087408 
938 |a EBSCOhost  |b EBSC  |n 2686615 
994 |a 92  |b IZTAP