Mastering Windows Network Forensics and Investigation, 2nd Edition
- Length: 696 pages
- Edition: 2
- Language: English
- Publisher: Sybex
- Publication Date: 2012-06-26
- ISBN-10: 1118163826
- ISBN-13: 9781118163825
- Sales Rank: #439637
An authoritative guide to investigating high-technology crimes
Internet crime is seemingly ever on the rise, making the need for a comprehensive resource on how to investigate these crimes even more dire. This professional-level book, aimed at law enforcement personnel, prosecutors, and corporate investigators, provides you with the training you need in order to acquire the sophisticated skills and software solutions to stay one step ahead of computer criminals.
- Specifies the techniques needed to investigate, analyze, and document a criminal act on a Windows computer or network
- Places a special emphasis on how to thoroughly investigate criminal activity and not just perform the initial response
- Walks you through ways to present technically complicated material in simple terms that will hold up in court
- Features content fully updated for Windows Server 2008 R2 and Windows 7
- Covers the emerging field of Windows Mobile forensics
Also included is a classroom support package to ensure academic adoption. Mastering Windows Network Forensics and Investigation, 2nd Edition offers help for investigating high-technology crimes.
Table of Contents
Part 1: Understanding and Exploiting Windows Networks
Chapter 1. Network Investigation Overview
Chapter 2. The Microsoft Network Structure
Chapter 3. Beyond the Windows GUI
Chapter 4. Windows Password Issues
Chapter 5. Windows Ports and Services
Part 2: Analyzing the Computer
Chapter 6. Live-Analysis Techniques
Chapter 7. Windows Filesystems
Chapter 8. The Registry Structure
Chapter 9. Registry Evidence
Chapter 10. Introduction to Malware
Part 3: Analyzing the Logs
Chapter 11. Text-Based Logs
Chapter 12. Windows Event Logs
Chapter 13. Logon and Account Logon Events
Chapter 14. Other Audit Events
Chapter 15. Forensic Analysis of Event Logs
Part 4: Results, the Cloud, and Virtualization
Chapter 16. Presenting the Results
Chapter 17. The Challenges of Cloud Computing and Virtualization
Part 5: Appendices
Appendix A. The Bottom Line
Appendix B. Test Environments