Learn Computer Forensics
William Oettinger
- Publisher: Packt Publishing
- Publication date: 2020-04-24
- List price: $3,210
- VIP price: 5% off, $3,050
- Language: English
- Pages: 370
- Binding: Quality Paper - also called trade paper
- ISBN: 1838648178
- ISBN-13: 9781838648176
Out of print
Product Description
Get up and running with collecting evidence using forensics best practices to present your findings in judicial or administrative proceedings
Key Features
- Learn the core techniques of computer forensics to acquire and secure digital evidence skillfully
- Conduct a digital forensic examination and document the digital evidence collected
- Analyze security systems and overcome complex challenges with a variety of forensic investigations
Book Description
A computer forensics investigator must possess a variety of skills, including the ability to answer legal questions, gather and document evidence, and prepare for an investigation. This book will help you get up and running with using digital forensic tools and techniques to investigate cybercrimes successfully.
Starting with an overview of forensics and all the open source and commercial tools needed to get the job done, you'll learn core forensic practices for searching databases and analyzing data over networks, personal devices, and web applications. You'll then learn how to acquire valuable information from different places, such as filesystems, e-mails, browser histories, and search queries, and capture data remotely. As you advance, this book will guide you through implementing forensic techniques on multiple platforms, such as Windows, Linux, and macOS, to demonstrate how to recover valuable information as evidence. Finally, you'll get to grips with presenting your findings efficiently in judicial or administrative proceedings.
By the end of this book, you'll have developed a clear understanding of how to acquire, analyze, and present digital evidence like a proficient computer forensics investigator.
What you will learn
- Understand investigative processes, the rules of evidence, and ethical guidelines
- Recognize and document different types of computer hardware
- Understand the boot process covering BIOS, UEFI, and the boot sequence
- Validate forensic hardware and software
- Discover the locations of common Windows artifacts
- Document your findings using technically correct terminology
Who this book is for
If you're an IT beginner, student, or an investigator in the public or private sector, this book is for you. This book will also help professionals and investigators who are new to incident response and digital forensics and interested in making a career in the cybersecurity domain.
About the Author
William Oettinger is a veteran technical trainer and investigator. He is a retired police officer with the Las Vegas Metropolitan Police Department and a retired CID agent with the United States Marine Corps. He is a professional with over 20 years' experience in academic, local, military, federal, and international law enforcement organizations, where he acquired his multifaceted experience in IT, digital forensics, security operations, law enforcement, criminal investigations, policy, and procedure development. He has earned an MSc from Tiffin University, Ohio. He works for Bilecki and Tipon LLLC and the University of Maryland Global Campus (UMGC). When not working, he likes to spend time with his wife and his two miniature schnauzers.
Table of Contents
- Types of Computer-Based Investigations
- The Forensic Analysis Process
- Acquisition of Evidence
- Computer Systems
- Computer Investigation Process
- Windows Artifact Analysis
- RAM Memory Forensic Analysis
- Email Forensics – Investigation Techniques
- Internet Artifacts
- Report Writing
- Expert Witness Ethics