Computer Forensics: Incident Response Essentials
This book is also available, brand-new, from 3rd-party marketplace sellers at Amazon.com, from $19.80.
Editorial Review / Publisher's Information:
Product Description: Written by two experts in digital investigation, this book provides extensive information on how to handle the computer as evidence. Softcover.
Amazon.com Review:
Computer security is a crucial aspect of modern information management, and one of the latest buzzwords is incident response--detecting and reacting to security breaches. Computer Forensics offers information professionals a disciplined approach to implementing a comprehensive incident-response plan, with a focus on being able to detect intruders, discover what damage they did, and hopefully find out who they are.
There is little doubt that the authors are serious about cyberinvestigation. They advise companies to "treat every case like it will end up in court," and although this sounds extreme, it is good advice. Upon detecting a malicious attack on a system, many system administrators react instinctively. This often involves fixing the problem with minimal downtime, then providing the necessary incremental security to protect against an identical attack. The authors warn that this approach often contaminates evidence and makes it difficult to track the perpetrator. This book describes how to maximize system uptime while protecting the integrity of the "crime scene."
The bulk of Computer Forensics details the technical skills required to become an effective electronic sleuth, with an emphasis on providing a well-documented basis for a criminal investigation. The key to success is becoming a "white hat" hacker in order to combat the criminal "black hat" hackers. The message is clear: if you're not smart enough to break into someone else's system, you're probably not smart enough to catch someone breaking into your system. In this vein, the authors use a number of technical examples and encourage the readers to develop expertise in Unix/Linux and Windows NT fundamentals. They also provide an overview of a number of third-party tools, many of which can be used for both tracking hackers and to probe your own systems.
The authors explain their investigative techniques via a number of real-world anecdotes. It is striking that many of the same hacks detailed in Cliff Stoll's classic The Cuckoo's Egg are still in use over 10 years later--both on the criminal and investigative fronts. It is up to individual companies whether or not to pursue each attempted security violation as a potential criminal case, but Computer Forensics provides a strong argument to consider doing so. --Pete Ostenson
Topics covered: Overview of computer crime investigative response, including extensive descriptions of hacking techniques. Frequent examples are used to demonstrate how to extract evidence from a violated computer system. Appendices include sample incident-response forms.
Customer Reviews:
Computer Forensics By Warren Kruse
02 November, 2008
This is a comprehensive overview of forensic collection, preservation, data analysis and best practices for defensibility when pressed by opposing counsel and / or the courts.
Jim Ramsey
- Amazon Customer Review
Great For General Computer Forensics Information
03 March, 2005
Computer Forensics, Incident Response Essentials, is a great book for two groups of people:
1) All computer forensics investigators looking for a better description of the process of collecting and analyzing data. The book provides great descriptions of the methods for maintaining chain of custody and storage. This is done through the use of example forms and scenarios. Since evidence handling principles are easily overlooked, this book seeks to provide pragmatic techniques for proper evidence preservation.
2) Someone interested in learning what computer forensics is about. This book is great at providing a high-level description of what computer forensics is used for and how it works. The book does not go into intricate detail on any one software package. Instead, it provides you with a great overview description of numerous software packages and tools. By doing this, the reader can attain a better understanding of what value computer forensics can provide. Since the field is relatively new, it is important for people to understand what computer forensics is capable of.
I highly recommend this book if you are just getting into the field, or if you are tired of reading books that continually tout Encase as the only solution. This book is a critical addition to any computer forensic investigator's library.
- Amazon Customer Review
Good Introduction To Computer Forensics Investigations
06 February, 2005
This book is a couple years old now, but the fundamentals remain essentially the same. Kruse and Heiser are seasoned experts in computer forensics and incident response and they have managed to boil down years of knowledge and experience into a format that is easy to read and understand. While security experts may not learn anything new from this book, those entering the field will find it invaluable. It is comprehensive and detailed while remaining easy to read. The foundation provided by reading and understanding this book can be used to move forward into more technical areas. Computer Forensics is not fluff by any means though and could easily be kept nearby as a handy reference for a computer forensic investigation.
(...)
- Amazon Customer Review
Great Book!
31 December, 2004
Very readable and interesting.
The authors really know what they are talking about.
- Amazon Customer Review
Computer Forensics
21 May, 2007
This book is good for those not familiar with computers. It keeps the material at a high level for the layman. Do not purchase if you are intending to receive in-depth, technical analysis and techniques for training as a professional investigator. If you are just trying to gain an overview of the topic, this book should fulfill your requirements. It does a good job of directing the reader to appropriate external resources and tools to perform the forensic tasks the book discusses.
- Amazon Customer Review