Book description
An authoritative guide to investigating high-technology crimes
Internet crime is seemingly ever on the rise, making the need for a comprehensive resource on how to investigate these crimes even more dire. This professional-level book--aimed at law enforcement personnel, prosecutors, and corporate investigators--provides you with the training you need in order to acquire the sophisticated skills and software solutions to stay one step ahead of computer criminals.
- Specifies the techniques needed to investigate, analyze, and document a criminal act on a Windows computer or network
- Places a special emphasis on how to thoroughly investigate criminal activity and not just perform the initial response
- Walks you through ways to present technically complicated material in simple terms that will hold up in court
- Features content fully updated for Windows Server 2008 R2 and Windows 7
- Covers the emerging field of Windows Mobile forensics
Also included is a classroom support package to ensure academic adoption. Mastering Windows Network Forensics and Investigation, 2nd Edition offers help for investigating high-technology crimes.
Table of contents
- Cover
- Contents
- Introduction
- Part 1: Understanding and Exploiting Windows Networks
- Chapter 1: Network Investigation Overview
- Chapter 2: The Microsoft Network Structure
- Chapter 3: Beyond the Windows GUI
- Chapter 4: Windows Password Issues
- Chapter 5: Windows Ports and Services
- Part 2: Analyzing the Computer
- Chapter 6: Live-Analysis Techniques
- Chapter 7: Windows Filesystems
- Chapter 8: The Registry Structure
- Chapter 9: Registry Evidence
- Finding Information in the Software Key
- Exploring Windows Security, Action Center, and Firewall Settings
- Analyzing Restore Point Registry Settings
- Windows XP Restore Point Content
- Analyzing Volume Shadow Copies for Registry Settings
- Exploring Security Identifiers
- Investigating User Activity
- Extracting LSA Secrets
- Discovering IP Addresses
- Compensating for Time Zone Offsets
- Determining the Startup Locations
- The Bottom Line
- Chapter 10: Introduction to Malware
- Part 3: Analyzing the Logs
- Part 4: Results, the Cloud, and Virtualization
- Part 5: Appendices
- Appendix A: The Bottom Line
- Chapter 1: Network Investigation Overview
- Chapter 2: The Microsoft Network Structure
- Chapter 3: Beyond the Windows GUI
- Chapter 4: Windows Password Issues
- Chapter 5: Windows Ports and Services
- Chapter 6: Live-Analysis Techniques
- Chapter 7: Windows Filesystems
- Chapter 8: The Registry Structure
- Chapter 9: Registry Evidence
- Chapter 10: Introduction to Malware
- Chapter 11: Text-based Logs
- Chapter 12: Windows Event Logs
- Chapter 13: Logon and Account Logon Events
- Chapter 14: Other Audit Events
- Chapter 15: Forensic Analysis of Event Logs
- Chapter 16: Presenting the Results
- Chapter 17: The Challenges of Cloud Computing and Virtualization
- Appendix B: Test Environments
- Software
- Hardware
- Setting Up Test Environments in Training Laboratories
- Chapter 1: Network Investigation Overview
- Chapter 2: The Microsoft Network Structure
- Chapter 3: Beyond the Windows GUI
- Chapter 4: Windows Password Issues
- Chapter 5: Windows Ports and Services
- Chapter 6: Live-Analysis Techniques
- Chapter 7: Windows Filesystems
- Chapter 8: The Registry Structure
- Chapter 9: Registry Evidence
- Chapter 10: Introduction to Malware
- Chapter 11: Text-Based Logs
- Chapter 12: Windows Event Logs
- Chapter 13: Logon and Account Logon Events
- Chapter 14: Other Audit Events
- Chapter 15: Forensic Analysis of Event Logs
- Chapter 16: Presenting the Results
- Chapter 17: The Challenges of Cloud Computing and Virtualization
- Appendix A: The Bottom Line
- Index
Product information
- Title: Mastering Windows Network Forensics and Investigation, 2nd Edition
- Author(s):
- Release date: June 2012
- Publisher(s): Sybex
- ISBN: 9781118163825