Chapter 9. Forensic Analysis
Solutions in this chapter:
- Preparing Your Forensic Environment
- Capturing the Machine
- Preparing the Captured Machine to Boot on New Hardware
- What Can Be Gained by Booting the Captured Machine?
- Summary
- Solutions Fast Track
- Frequently Asked Questions
Introduction
According to Bologna and Lindquist (Fraud Auditing and Forensic Accounting: New Tools and Technique, John Wiley & Sons Inc., 1995), the term forensic means “belonging to, used in, or suitable to courts of judicature or to public discussion and debate.” The College of American Pathologists, in Handbook of Forensic Pathology, 1990, defines forensics as “the application of the principles of the physical sciences in the search for truth in civil, criminal, and social ...
Get Virtualization for Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
