Digital Forensics and Incident Response
Gerard Johansen
- Publisher: Packt Publishing
- Publication date: 2017-07-24
- List price: $2,010
- VIP price: $1,910 (95% of list price)
- Language: English
- Pages: 324
- Binding: Paperback
- ISBN: 1787288684
- ISBN-13: 9781787288683
- Other editions: Digital Forensics and Incident Response - Second Edition
Product description
Key Features
- Learn incident response fundamentals and create an effective incident response framework
- Master forensics investigation utilizing digital investigative techniques
- Contains real-life scenarios that effectively use threat intelligence and modeling techniques
Book Description
Digital Forensics and Incident Response will guide you through the entire spectrum of tasks associated with incident response, starting with preparatory activities associated with creating an incident response plan and creating a digital forensics capability within your own organization. You will then begin a detailed examination of digital forensic techniques including acquiring evidence, examining volatile memory, hard drive assessment, and network-based evidence. You will also explore the role that threat intelligence plays in the incident response process. Finally, a detailed section on preparing reports will help you prepare a written report for use either internally or in a courtroom.
By the end of the book, you will have mastered forensic techniques and incident response and you will have a solid foundation on which to increase your ability to investigate such incidents in your organization.
What you will learn
- Create and deploy an incident response capability within your organization
- Build a solid foundation in handling and acquiring suitable evidence for later analysis
- Analyze collected evidence and determine the root cause of a security incident
- Learn to integrate digital forensic techniques and procedures into the overall incident response process
- Integrate threat intelligence in digital evidence analysis
- Prepare written documentation for use internally or with external parties such as regulators or law enforcement agencies