全部版块 我的主页
论坛 会计与财务管理论坛 七区 会计与财务管理
Incident Response: Computer Forensics Toolkit
nelsoncwlee
1280 0
2015-08-20
* Incident response and forensic investigation are the processes of detecting attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks
* This much-needed reference covers the methodologies for incident response and computer forensics, Federal Computer Crime law information and evidence requirements, legal issues, and working with law enforcement
* Details how to detect, collect, and eradicate breaches in e-mail and malicious code
* CD-ROM is packed with useful tools that help capture and protect forensic data; search volumes, drives, and servers for evidence; and rebuild systems quickly after evidence has been obtained


Editorial ReviewsFrom the Back Cover

Your in-depth guide to detecting network breaches, uncovering evidence, and preventing future attacks

Whether it’s from malicious code sent through an e-mail or an unauthorized user accessing company files, your network is vulnerable to attack. Your response to such incidents is critical. With this comprehensive guide, Douglas Schweitzer arms you with the tools to reveal a security breach, gather evidence to report the crime, and conduct audits to prevent future attacks. He also provides you with a firm understanding of the methodologies for incident response and computer forensics, Federal Computer Crime law information and evidence requirements, legal issues, and how to work with law enforcement.

You’ll learn how to:

  • Recognize the telltale signs of an incident and take specific response measures
  • Search for evidence by preparing operating systems, identifying network devices, and collecting data from memory
  • Analyze and detect when malicious code enters the system and quickly locate hidden files
  • Perform keyword searches, review browser history, and examine Web caches to retrieve and analyze clues
  • Create a forensics toolkit to prop-erly collect and preserve evidence
  • Contain an incident by severing network and Internet connections, and then eradicate any vulnerabilities you uncover
  • Anticipate future attacks and monitor your system accordingly
  • Prevent espionage, insider attacks, and inappropriate use of the network
  • Develop policies and procedures to carefully audit the system

CD-ROM includes:

  • Helpful tools to capture and protect forensic data; search volumes, drives, and servers for evidence; and rebuild systems quickly after evidence has been obtained
  • Valuable checklists developed by the author for all aspects of incident response and handling

About the Author

DOUGLAS SCHWEITZER is an Internet security specialist and authority on malicious code and computer forensics. He is a Cisco Certified Network Associate and Certified Internet Webmaster Associate, and holds A+, Network+, and i-Net+ certifications. Schweitzer is also the author of Internet Security Made Easy and Securing the Network from Malicious Code.

Product Details
  • Paperback: 345 pages
  • Publisher: Wiley (May 2, 2003)
  • Language: English
  • ISBN-10: 0764526367
  • ISBN-13: 978-0764526367






二维码

扫码加我 拉你入群

请注明:姓名-公司-职位

以便审核进群资格,未注明则拒绝

相关推荐
栏目导航
热门文章
推荐文章

说点什么

分享

微信QQ空间QQ微博
扫码加好友,拉您进群
各岗位、行业、专业交流群