Book description
“What Kevvie Fowler has done here is truly amazing: He has defined, established, and documented SQL server forensic methods and techniques, exposing readers to an entirely new area of forensics along the way. This fantastic book is a much needed and incredible contribution to the incident response and forensic communities.”
—Curtis W. Rose, founder of Curtis W. Rose and Associates and coauthor of Real Digital Forensics
The Authoritative, Step-by-Step Guide to Investigating SQL Server Database Intrusions
Many forensics investigations lead to the discovery that an SQL Server database might have been breached. If investigators cannot assess and qualify the scope of an intrusion, they may be forced to report it publicly–a disclosure that is painful for companies and customers alike. There is only one way to avoid this problem: Master the specific skills needed to fully investigate SQL Server intrusions.
In SQL Server Forensic Analysis, author Kevvie Fowler shows how to collect and preserve database artifacts safely and non-disruptively; analyze them to confirm or rule out database intrusions; and retrace the actions of an intruder within a database server. A chapter-length case study reinforces Fowler’s techniques as he guides you through a real-world investigation from start to finish.
The techniques described in SQL Server Forensic Analysis can be used both to identify unauthorized data access and modifications and to gather the information needed to recover from an intrusion by restoring the pre-incident database state.
Coverage includes
Determining whether data was actually compromised during a database intrusion and, if so, which data
Real-world forensic techniques that can be applied on all SQL Server instances, including those with default logging
Identifying, extracting, and analyzing database evidence from both published and unpublished areas of SQL Server
Building a complete SQL Server incident response toolkit
Detecting and circumventing SQL Server rootkits
Identifying and recovering previously deleted database data using native SQL Server commands
SQL Server Forensic Analysis is the first book of its kind to focus on the unique area of SQL Server incident response and forensics. Whether you’re a digital forensics specialist, incident response team member, law enforcement officer, corporate security specialist, auditor, or database professional, you’ll find this book an indispensable resource.
Table of contents
- Title Page
- Copyright Page
- Contents
- Preface
- Acknowledgments
- About the Author
- 1. Introduction to Databases
- 2. SQL Server Fundamentals
- 3. SQL Server Forensics
- 4. SQL Server Artifacts
- 5. SQL Server Investigation Preparedness
- 6. Incident Verification
- 7. Artifact Collection
- 8. Artifact Analysis I
- 9. Artifact Analysis II
- 10. SQL Server Rootkits
- 11. SQL Server Forensic Investigation Scenario
- A. Installing SQL Server 2005 Express Edition with Advanced Services on Windows
- B. SQL Server Incident Response Scripts
- DVD-ROM Warranty
- Index
Product information
- Title: SQL Server Forensic Analysis
- Author(s):
- Release date: December 2008
- Publisher(s): Addison-Wesley Professional
- ISBN: 9780321533203
You might also like
book
The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory
Memory forensics provides cutting edge technology to help investigate digital attacks Memory forensics is the art …
book
Microsoft SQL Server 2019: A Beginner's Guide, Seventh Edition, 7th Edition
Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, …
book
A Practical Guide to Digital Forensics Investigations, 2nd Edition
THE DEFINITIVE GUIDE TO DIGITAL FORENSICSNOW THOROUGHLY UPDATED WITH NEW TECHNIQUES, TOOLS, AND SOLUTIONS Complete, practical …
book
Microsoft SQL Server 2012 Bible
Harness the powerful new SQL Server 2012 Microsoft SQL Server 2012 is the most significant update …