Books for Prep
by: Harlan Carvey
List Price: $59.95
Amazon.com's Price: $53.95
You Save: $6.00 (10%)
Prices subject to change.
Availability: Usually ships in 24 hours
This item ships for FREE with Super Saver Shipping.
Binding: Paperback
Dewey Decimal Number: 363.250968
EAN: 9781597491563
Edition: Pap/DVD
ISBN: 159749156X
Label: Syngress
Manufacturer: Syngress
Number Of Items: 1
Number Of Pages: 416
Publication Date: April 24, 2007
Publisher: Syngress
Studio: Syngress
Editorial Review:

Product Description: The only book available on the market that addresses and discusses in-depth forensic analysis of Windows systems. Windows Forensic Analysis DVD Toolkit takes the reader to a whole new, undiscovered level of forensic analysis for Windows systems, providing unique information and resources not available anywhere else. This book covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. This book also brings this material to the doorstep of system administrators, who are often the front line troops when an incident occurs, but due to staffing and budgets do not have the necessary knowledge to effectively respond. The companion DVD for the book contains significant, unique materials (movies, spreadsheet, code, etc.) not available any place else, as they were created by the author.
Customer Reviews:

An excellent book for the IR practitioner
I purchased this book a few days ago, and as soon as I read the first chapter, I realized that I needed to read the entire book as quickly as possible. This is a wonderful book, and parts of it truly invoked a state of "nerdvana" in me! PROs: First, I will say that the information in this book is tightly packed. There is no unnecessary verbiage, and the writing is direct, to the point and understandable. There is a high ratio of technical content to noise, and this greatly ...

Invaluable in a case
Harlan Carvey's book, Windows Forensic Analysis, is an invaluable resource in any computer forensic examination of a Windows based computer. In real-life experience, I had a case where I had to determine file use by a former employee. The company never took the computer out of service and continued to use the machine after the employee left the company. By using the information in Windows Forensic Analysis on system restore points and MRU registry entries, I was able to determine not only what files ...

Taking Windows Analysis to the Next Step...
Harlan poured his clear love of incident response and of the forensic profession into this book. Windows Forensic Analysis dives into many exceptional topics that are routinely overlooked in similar material. The entire book covers many novel analysis techniques and topics; the registry analysis chapter and the file analysis chapter discuss many detailed artifacts and areas of examination during forensics that up until this was published were only discussed deep inside forensic circles or discovered through ...

A must have for the forensic professional
Once again Harlan Carvey has provided a resource worth every penny. The chapters detailing registry and memory analysis alone were extremely valuable to me. The accompanying DVD provides countless Perl scripts to assist in the collection and sorting of data.

Unique and helpful
This book is essential for understanding how to analyze memory dumps, albeit many forensic investigators will usually turn off a computer instead of getting a memory capture to do a more traditional analysis. The included scripts are very helpful. This book, unlike many other books in this genre, is designed for the technical professional. Forensic analysis is often like a who done it mystery, and having some more tools in your toolkit will assist you in thinking outside the box. The registry analysis ...

In association with Amazon.com