Book description
The definitive guide to incident response--updated for the first time in a decade!
Thoroughly revised to cover the latest and most effective tools and techniques, Incident Response & Computer Forensics, Third Edition arms you with the information you need to get your organization out of trouble when data breaches occur. This practical resource covers the entire lifecycle of incident response, including preparation, data collection, data analysis, and remediation. Real-world case studies reveal the methods behind--and remediation strategies for--today's most insidious attacks.
- Architect an infrastructure that allows for methodical investigation and remediation
- Develop leads, identify indicators of compromise, and determine incident scope
- Collect and preserve live data
- Perform forensic duplication
- Analyze data from networks, enterprise services, and applications
- Investigate Windows and Mac OS X systems
- Perform malware triage
- Write detailed incident response reports
- Create and implement comprehensive remediation plans
Table of contents
- Cover
- Title Page
- Copyright Page
- About the Authors
- Contents
- Foreword
- Acknowledgments
- Introduction
- Part I: Preparing for the Inevitable Incident
- Part II: Incident Detection and Characterization
- Part III: Data Collection
  - Chapter 7: Live Data Collection
  - Chapter 8: Forensic Duplication
  - Chapter 9: Network Evidence
  - Chapter 10: Enterprise Services
- Part IV: Data Analysis
  - Chapter 11: Analysis Methodology
  - Chapter 12: Investigating Windows Systems
  - Chapter 13: Investigating Mac OS X Systems
  - Chapter 14: Investigating Applications
  - Chapter 15: Malware Triage
  - Chapter 16: Report Writing
- Part V: Remediation
  - Chapter 17: Remediation Introduction
    - Basic Concepts
    - Remediation Pre-Checks
    - Form the Remediation Team
    - Determine the Timing of the Remediation
    - Develop and Implement Remediation Posturing Actions
    - Develop and Implement Incident Containment Actions
    - Develop the Eradication Action Plan
    - Determine Eradication Event Timing and Execute Eradication Plan
    - Develop Strategic Recommendations
    - Document the Lessons Learned
    - Putting It All Together
    - Common Mistakes That Lead to Remediation Failure
    - So What?
    - Questions
  - Chapter 18: Remediation Case Study
- Index
Product information
- Title: Incident Response & Computer Forensics, Third Edition, 3rd Edition
- Author(s):
- Release date: August 2014
- Publisher(s): McGraw-Hill
- ISBN: 9780071798693