Mastering Windows Network Forensics and Investigation and over one million other books are available for Amazon Kindle. Learn more

Vous voulez voir cette page en français ? Cliquez ici.


or
Sign in to turn on 1-Click ordering.
or
Amazon Prime Free Trial required. Sign up when you check out. Learn More
More Buying Choices
Have one to sell? Sell yours here
Start reading Mastering Windows Network Forensics and Investigation on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Mastering Windows Network Forensics and Investigation [Paperback]

Steven Anson , Steve Bunting , Ryan Johnson , Scott Pearson

List Price: CDN$ 71.99
Price: CDN$ 45.13 & FREE Shipping. Details
You Save: CDN$ 26.86 (37%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Only 1 left in stock (more on the way).
Ships from and sold by Amazon.ca. Gift-wrap available.
Want it delivered Wednesday, July 30? Choose One-Day Shipping at checkout.

Formats

Amazon Price New from Used from
Kindle Edition CDN $37.02  
Paperback CDN $45.13  
Join Amazon Student in Canada


Book Description

June 26 2012 1118163826 978-1118163825 2
An authoritative guide to investigating high-technology crimes

Internet crime is seemingly ever on the rise, making the need for a comprehensive resource on how to investigate these crimes even more dire. This professional-level book--aimed at law enforcement personnel, prosecutors, and corporate investigators--provides you with the training you need in order to acquire the sophisticated skills and software solutions to stay one step ahead of computer criminals.

  • Specifies the techniques needed to investigate, analyze, and document a criminal act on a Windows computer or network
  • Places a special emphasis on how to thoroughly investigate criminal activity and now just perform the initial response
  • Walks you through ways to present technically complicated material in simple terms that will hold up in court
  • Features content fully updated for Windows Server 2008 R2 and Windows 7
  • Covers the emerging field of Windows Mobile forensics

Also included is a classroom support package to ensure academic adoption, Mastering Windows Network Forensics and Investigation, 2nd Edition offers help for investigating high-technology crimes.


Frequently Bought Together

Mastering Windows Network Forensics and Investigation + Digital Forensics with Open Source Tools + Network Forensics: Tracking Hackers through Cyberspace
Price For All Three: CDN$ 151.06

Show availability and shipping details


Customers Who Bought This Item Also Bought


Product Details


Product Description

From the Back Cover

Learn How to Conduct a Complete Computer Forensic Investigation

This professional guide teaches law enforcement personnel, prosecutors, and corporate investigators how to investigate crimes involving Windows computers and Windows networks. A top team of forensic experts details how and why Windows networks are targeted, shows you how to analyze computers and computer logs, explains chain of custody, and covers such tricky topics as how to gather accurate testimony from employees in politically charged corporate settings.

From recognizing high-tech criminal activity to presenting evidence in a way that juries and judges understand, this book thoroughly covers the range of skills, standards, and step-by-step procedures you need to conduct a criminal investigation in a Windows environment and make your evidence stand up in court.

Coverage includes:

  • Responding to a reported computer intrusion
  • Understanding how attackers exploit Windows networks
  • Deciphering Windows ports, services, file systems, and the registry
  • Examining suspects' computers and entire networks
  • Analyzing event logs and data using live analysis techniques
  • Exploring new complexities from cloud computing and virtualization

Investigate Computer Crimes in Windows Environments

Fully Updated for Windows Server 2008 and Windows 7

Discover How to Locate and Analyze an Attacker's Tools

Learn Detailed Windows Event Log Analysis

About the Author

Steve Anson, CISSP, EnCE, is the cofounder of Forward Discovery. He has previously served as a police officer, FBI High Tech Crimes Task Force agent, Special Agent with the U.S. DoD, and an instructor with the U.S. State Department Antiterrorism Assistance Program (ATA). He has trained hundreds of law enforcement officers around the world in techniques of digital forensics and investigation. Steve Bunting, EnCE, CCFT, has over 35 years of experience in law enforcement, and his background in computer forensics is extensive. He has conducted computer forensic examinations for numerous local, state, and federal agencies on a variety of cases, as well as testified in court as a computer forensics expert. He has taught computer forensics courses for Guidance Software and is currently a Senior Forensic Consultant with Forward Discovery. Ryan Johnson, DFCP, CFCE, EnCE, SCERS, is a Senior Forensic Consultant with Forward Discovery. He was a digital forensics examiner for the Durham, NC, police and a Media Exploitation Analyst with the U.S. Army. He is an instructor and developer with the ATA. Scott Pearson has trained law enforcement entities, military personnel, and network/system administrators in more than 20 countries for the ATA. He is also a certifying Instructor on the Cellebrite UFED Logical and Physical Analyzer Mobile Device Forensics tool and has served as an instructor for the DoD Computer Investigations Training Academy.

What Other Items Do Customers Buy After Viewing This Item?


Customer Reviews

There are no customer reviews yet on Amazon.ca
5 star
4 star
3 star
2 star
1 star
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.7 out of 5 stars  3 reviews
14 of 14 people found the following review helpful
5.0 out of 5 stars Great overview of incident response forensics July 24 2012
By Chad Tilbury - Published on Amazon.com
Format:Paperback
Mastering Windows Network Forensics and Investigations fills an interesting niche not well addressed in the pantheon of digital forensics resources. The material is well suited for beginning and intermediate forensic examiners looking to better understand network artifacts and go beyond single-system forensics. I highly recommend it for system administrators looking for a different perspective on network security or those interested in designing networks to be forensics-friendly. That said, the topics covered do not fit within the classical definition of network forensics. A more apt title might be Mastering Incident Response Forensics and Investigations.

This is the first book I have read in the Sybex Mastering series, and I was impressed with the writing, research, and editing. The authors blended dense material with relevant examples and insightful and engaging text boxes.

Some highlights:

- The event log coverage was excellent; a difficult and prosaic topic was explained in simple terms and with just the right amount of depth. One of my favorite sections included the recovery of event log fragments from free space.

- The chapters on the Windows registry were excellent and had space for rarely talked about advanced concepts like volatile hives, registry redirection and reflection, and registry virtualization.

- The investigative uses of XP Restore Points and Windows 7 Shadow Volumes tied in nicely with other topics.

- The new chapter on virtualization and cloud forensics is a good addition. Live response and data acquisition in virtualized environments like VMWare ESX was covered, and an intelligent discussion on how to prepare for collecting cloud data was started.

In this second edition (released in June 2012), it is obvious the authors took pains to include the most current information available. Windows 7, Server 2008R2, and their associated artifacts are discussed extensively. Guidance Software's EnCase v7 and Volatility 2.0 are both introduced. There are even references to computer crime cases occurring in 2012.

(This is an excerpt from my full review at ForensicFocus.com)
3 of 3 people found the following review helpful
5.0 out of 5 stars Don't let the name fool you. This one has much more to offer than the name might imply. Nov. 22 2012
By John Sammons - Published on Amazon.com
Format:Paperback|Verified Purchase
One of my new favorite forensic books. I strongly recommend this book for Windows forensics in general, not just for networks. Great explanations of various Windows artifacts, file systems, and much more. The network related topics are covered equally as well. The book is very well written in a way that is both understandable and engaging. This book can work for experts and those starting out as well. An excellent addition to anyone's forensic library.
4.0 out of 5 stars Four Stars July 28 2014
By Afreed - Published on Amazon.com
Format:Paperback|Verified Purchase
Good book, Needed it for class. Very informative and detailed on the aspects of Windows investigations

Look for similar items by category


Feedback