This book fills a significant void on the security shelf: a hands-on toolkit for responding to security breaches. The material discusses the established methodologies and tools that can be used to detect an attack and then extract forensic evidence from a violated server or computer, evidence that will enable the perpetrator to be prosecuted and aid in preventing future attacks.
Dimensions
Height: 23.4 cm
Width: 18.8 cm
ISBN-13
978-0-7645-2636-7 (9780764526367)
DOUGLAS SCHWEITZER is an Internet security specialist and authority on malicious code and computer forensics. He is a Cisco Certified Network Associate and Certified Internet Webmaster Associate, and holds A+, Network+, and i-Net+ certifications. Schweitzer is also the author of Internet Security Made Easy and Securing the Network from Malicious Code.
Acknowledgments.
Introduction.
Chapter 1: Computer Forensics and Incident Response Essentials.
Chapter 2: Addressing Law Enforcement Considerations.
Chapter 3: Forensic Preparation and Preliminary Response.
Chapter 4: Windows Registry, Recycle Bin, and Data Storage.
Chapter 5: Analyzing and Detecting Malicious Code and Intruders.
Chapter 6: Retrieving and Analyzing Clues.
Chapter 7: Procedures for Collecting and Preserving Evidence.
Chapter 8: Incident Containment and Eradication of Vulnerabilities.
Chapter 9: Disaster Recovery and Follow-Up.
Chapter 10: Responding to Different Types of Incidents.
Chapter 11: Assessing System Security to Prevent Further Attacks.
Chapter 12: Pulling It All Together.
Appendix A: What's on the CD-ROM.
Appendix B: Commonly Attacked Ports.
Appendix C: Field Guidance on USA Patriot Act 2001.
Appendix D: Computer Records and the Federal Rules of Evidence.
Appendix E: Glossary.
Index.