Incident Response: Computer Forensics Toolkit

Original poster: nelsoncwlee, posted 2015-8-20 18:54:19

* Incident response and forensic investigation are the processes of detecting attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks
* This much-needed reference covers the methodologies for incident response and computer forensics, Federal Computer Crime law information and evidence requirements, legal issues, and working with law enforcement
* Details how to detect, collect, and eradicate breaches in e-mail and malicious code
* CD-ROM is packed with useful tools that help capture and protect forensic data; search volumes, drives, and servers for evidence; and rebuild systems quickly after evidence has been obtained


Editorial Reviews

From the Back Cover

Your in-depth guide to detecting network breaches, uncovering evidence, and preventing future attacks

Whether it’s from malicious code sent through an e-mail or an unauthorized user accessing company files, your network is vulnerable to attack. Your response to such incidents is critical. With this comprehensive guide, Douglas Schweitzer arms you with the tools to reveal a security breach, gather evidence to report the crime, and conduct audits to prevent future attacks. He also provides you with a firm understanding of the methodologies for incident response and computer forensics, Federal Computer Crime law information and evidence requirements, legal issues, and how to work with law enforcement.

You’ll learn how to:

  • Recognize the telltale signs of an incident and take specific response measures
  • Search for evidence by preparing operating systems, identifying network devices, and collecting data from memory
  • Analyze and detect when malicious code enters the system and quickly locate hidden files
  • Perform keyword searches, review browser history, and examine Web caches to retrieve and analyze clues
  • Create a forensics toolkit to properly collect and preserve evidence
  • Contain an incident by severing network and Internet connections, and then eradicate any vulnerabilities you uncover
  • Anticipate future attacks and monitor your system accordingly
  • Prevent espionage, insider attacks, and inappropriate use of the network
  • Develop policies and procedures to carefully audit the system

CD-ROM includes:

  • Helpful tools to capture and protect forensic data; search volumes, drives, and servers for evidence; and rebuild systems quickly after evidence has been obtained
  • Valuable checklists developed by the author for all aspects of incident response and handling

About the Author

DOUGLAS SCHWEITZER is an Internet security specialist and authority on malicious code and computer forensics. He is a Cisco Certified Network Associate and Certified Internet Webmaster Associate, and holds A+, Network+, and i-Net+ certifications. Schweitzer is also the author of Internet Security Made Easy and Securing the Network from Malicious Code.

Product Details
  • Paperback: 345 pages
  • Publisher: Wiley (May 2, 2003)
  • Language: English
  • ISBN-10: 0764526367
  • ISBN-13: 978-0764526367


Wiley - Incident Response - Computer Forensics Toolkit - 2003 - (By Laxxuss).pdf (4.15 MB, requires 3 forum coins)


