book

CHFI Computer Hacking Forensic Investigator Certification All-in-One Exam Guide

by Charles L. Brooks

September 2014

Intermediate to advanced

656 pages

11h 18m

English

McGraw-Hill

Read now

Unlock full access

So What Is This Computer Forensics Business Anyway?The History of Computer ForensicsObjectives and BenefitsCorporate vs. Criminal InvestigationsThe Forensics InvestigatorChapter ReviewQuestionsAnswersReferences

What Is Digital Evidence?Anti-Digital ForensicsLocard’s Exchange PrincipleFederal Rules of Evidence (FRE)Computer-Generated vs. Computer-Stored RecordsEssential DataBest EvidenceInternational Principles of Computer EvidenceInternational Organization on Computer Evidence Scientific Working Group on Digital EvidenceEvidence CollectionIOCE Guidelines for Recovering Digital Forensic EvidenceThe Scientific MethodConsider a ScenarioExculpatory EvidenceChapter ReviewQuestionsAnswersReferences
The Process Is KeyOverviewBefore the InvestigationPreparing the InvestigationSeizing the EvidenceAnalyzing the Evidence Reporting and TestifyingChapter ReviewQuestionsAnswersReferences
What Services Are You Offering?Staffing Requirements and PlanningBecoming CertifiedSetting Up Your LabPhysical Location NeedsSoftware RequirementsHardware RequirementsField ToolsLab HardwareOther ConsiderationsChapter ReviewQuestionsAnswersReferences
Searching and Seizing ComputersIs Your Search and Seizure Unwarranted?You Have a WarrantElectronic SurveillancePost-seizure IssuesFirst Responder ProceduresFirst on the SceneManaging the Crime SceneCollecting and Transporting the Evidence Collecting and Preserving Electronic EvidenceThe Crime Scene ReportA Checklist for First RespondersData Acquisition and DuplicationData Acquisition: A DefinitionStatic vs. Live AcquisitionValidating the AcquisitionAcquisition Issues: SSDs, RAID, and CloudConcepts in Practice: Data Acquisition Software and ToolsChapter ReviewQuestionsAnswersReferences
Disk Drives and File SystemsEverything You Wanted to Know About Disk Drives File SystemsGetting the BootBooting from a Live CDRecovering Deleted Files and Partitions Recovering Disk PartitionsRecovering File Systems and FilesTheory into Practice: File and Partition Recovery Tools Steganography and Graphics File FormatsGraphics FilesSteganographyTheory into Practice: Graphics File Tools and Steganography Detection ToolsChapter ReviewQuestionsAnswersReferences
Windows Forensics AnalysisLive Investigations: Volatile InformationLive Investigations: Nonvolatile InformationForensic Investigation of a Windows SystemWindows Log AnalysisWindows Password StorageTheory into Practice: Forensics Tools for WindowsCracking PasswordsPasswords: The Good, the Bad, and the UglyPassword-Cracking TypesTheory into Practice: Password-Cracking ToolsChapter ReviewQuestionsAnswersReferences
Forensic InvestigationsInstallation and ConfigurationCreating the Case and Adding DataAnalyzing the DataGenerating the ReportChoosing the Proper Forensic SoftwareForensic Investigations Using FTKInstallation and Configuration Creating the Case and Adding DataAnalyzing the DataGenerating the Report Forensic Investigations Using EnCaseInstallation and ConfigurationCreating the Case and Adding DataAnalyzing the DataGenerating the ReportSo Did We Get the Evidence We Need?Which One to Choose?Chapter ReviewQuestionsAnswersReferences
Network Forensics: A DefinitionNetwork Forensics and Wired NetworksInvestigating Network TrafficNetwork Forensics: Attack and DefendNetwork Security MonitoringTheory into Practice: Network Forensic ToolsNetwork Forensics and Wireless NetworksWhat’s Different About Wireless?The Saga of Wireless EncryptionInvestigating Wireless AttacksTheory into Practice: Wireless Forensic Tools Log Capturing and Event Correlation Logs, Logs, LogsLegal Issues and Logging Synchronizing TimeSIM, SEM, SIEM—Everybody Wants OneTheory into Practice: Log Capturing and Analysis ToolsChapter ReviewQuestionsAnswersReferences
Cellular NetworksCellular DataMobile DevicesPDAsPlain Ol’ Cell PhonesMusic Players (Personal Entertainment Devices)Smart PhonesTablets and PhabletsWhat Can Criminals Do with Mobile Phones?Retrieving the Evidence Challenges in Mobile ForensicsPrecautions to Take Before InvestigatingThe Process in Mobile ForensicsTheory into Practice: Mobile Forensic ToolsChapter ReviewQuestionsAnswersReferences
Web-based AttacksWeb Applications: A DefinitionMounting the AttackWeb Applications: Attack and DefendWeb Tools Follow the LogsInvestigating the BreachE-mail AttacksE-mail ArchitectureE-mail Crimes Laws Regarding E-mailE-mail Headers and Message StructureE-mail InvestigationConcepts in Practice: E-mail Forensic ToolsChapter ReviewQuestionsAnswersReferences
Can I Get a Witness?Technical vs. Expert WitnessesPre-trial Report PreparationI Just Want to Testify Writing a Good ReportWhat Makes an Effective Report?Documenting the CaseTheory into Practice: Generating a ReportDo’s and Don’ts for a DFIResting the CaseChapter ReviewQuestionsAnswersReferences
System RequirementsInstalling and Running Total TesterAbout Total TesterTechnical Support

Content preview from CHFI Computer Hacking Forensic Investigator Certification All-in-One Exam Guide

CHAPTER 11 Attacking Applications

In this chapter, you will learn how to

• Define web applications, explain web application architecture, and explain why web servers are compromised and web pages are defaced

• Provide an overview of web logs, describe Internet Information Services (IIS) and Apache web server logs and how to investigate them

• Discuss different types of web attacks, how to investigate web attacks, and explain the investigation process for attacks in Windows-based servers

• Articulate when web page defacement occurs and discuss various security strategies for web applications

• List several web attack detection tools, and discuss different tools for locating IP addresses

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

CEH Certified Ethical Hacker Cert Guide, 4th Edition

Publisher Resources

ISBN: 9780071831567

CHFI Computer Hacking Forensic Investigator Certification All-in-One Exam Guide

by Charles L. Brooks

CHAPTER 11

Attacking Applications

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

CEH Certified Ethical Hacker Cert Guide, 4th Edition

Introduction to Computer Networks and Cybersecurity

Practical Cyber Forensics: An Incident-Based Approach to Forensic Investigations

Digital Forensics Basics: A Practical Guide Using Windows OS

Publisher Resources

CHAPTER 11

Attacking Applications

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

CEH Certified Ethical Hacker Cert Guide, 4th Edition

Introduction to Computer Networks and Cybersecurity

Practical Cyber Forensics: An Incident-Based Approach to Forensic Investigations

Digital Forensics Basics: A Practical Guide Using Windows OS

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.