book

Hands-on Incident Response and Digital Forensics

by Mike Sheward

July 2018

Beginner to intermediate

232 pages

7h 59m

English

BCS, The Chartered Institute for IT

Read now

Unlock full access

Incident responseDigital forensicsWhy both?Hands-onHow this book fits in
What is an information security incident?Types of incidentDetecting security incidentsWhy do security incidents happen?Summary
Building the incident response playbookTesting the playbookIncident planning and complianceForensic readinessSummary
IdentificationContainmentEradicationRecoverySummary
Eradication and preservationAn incident from an incidentThe blame gameIt’s not over until it’s overSummary
Post mortemQuantify the impactForensicsSummary
Request for proposalThe power of PRMergers and acquisitionsEscape the technical bubbleIncident response service providersSummary
The investigatorForensics fundamentalsArriving at an investigationInvestigative processSummary
Crimes without bordersLaws applicable to forensicsEthical considerationsSummary
Grab bagForensic hardwareForensic softwareSummary
The hard disk driveRemovable mediaProcessing disk imagesFile systemsOperating systemsFilesAnalysis of artefactsSummary
Incident response and digital forensicsLive acquisition driversLive acquisition techniqueOrder of volatilityNetwork forensicsSummary
Understanding memory devicesCapturingAnalysisSummary
Cloud computing terminologyAcquisition in the cloudContainer forensicsForensics in the cloud?Summary
Mobile phone terminologySeizing mobile devicesAcquisition types and toolsSmartphonesSummary
Layout and contentAudienceSummary
VictimsPerpetratorsInvestigatorsSummary

Overview

In this practical guide, the relationship between incident response and digital forensics is explored and you will learn how to undertake each and balance them to meet the needs of an organisation in the event of an information security incident. Best practice tips and real-life examples are included throughout.