Skip to Main Content
Practical Memory Forensics
book

Practical Memory Forensics

by Svetlana Ostrovskaya, Oleg Skulkin
March 2022
Intermediate to advanced content levelIntermediate to advanced
304 pages
5h 58m
English
Packt Publishing
Content preview from Practical Memory Forensics

Chapter 2: Acquisition Process

Memory acquisition is usually referred to as the process of copying the contents of volatile memory to a non-volatile storage device for preservation. To have a good understanding of the process, the investigator needs to know at least some memory management principles, understand how tools for memory extraction work, and be able to choose the most appropriate tool and use it correctly. In addition, it is important to understand that creating full memory dumps is not always the only solution. There is live memory analysis, which also has its advantages and, in some cases, may be preferable to memory acquisition.

In this chapter, you'll learn about the following:

  • Introducing memory management concepts
  • What's live ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Practical Windows Forensics

Practical Windows Forensics

Ayman Shaaban, Konstantin Sapronov
Practical Mobile Forensics - Fourth Edition

Practical Mobile Forensics - Fourth Edition

Rohit Tamma, Oleg Skulkin, Heather Mahalik, Satish Bommisetty
Learn Computer Forensics

Learn Computer Forensics

William Oettinger

Publisher Resources

ISBN: 9781801070331