Principles of Computer Security: CompTIA Security+ and Beyond Lab Manual (Exam SY0-601)

Chapter 23 Computer Forensics

Lab Exercises

23.01 Windows Registry Forensics

23.02 Digital Evidence in RAM and on the Hard Drive

23.03 Steganography

23.04 Imaging, Recovering Deleted Files, File Signatures, and Analyzing Images

Lab Analysis

Key Term Quiz

Comparing cybersecurity to digital forensics is like comparing before to after. Acybercrime incident is any illegal, unauthorized, or unacceptable action that involves a computing system or network.Incidents are breaches of cybersecurity measures that were implemented before the incident occurred.

Incident response is the forensic examination of systems and networks after they have been attacked. It also involves taking actions to remediate an ongoing incident, such as blocking the ...

Get Principles of Computer Security: CompTIA Security+ and Beyond Lab Manual (Exam SY0-601) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Principles of Computer Security: CompTIA Security+ and Beyond Lab Manual (Exam SY0-601) by Jonathan S. Weissman

Chapter 23

Computer Forensics

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly