Digital Forensics and Incident Response
A practical guide to deploying digital forensic techniques in response to cyber security incidents
1st Edition
Published on 24. July 2017
Book
Paperback/Softback
324 pages
978-1-78728-868-3 (ISBN)
Description
A practical guide to deploying digital forensic techniques in response to cyber security incidents
About This Book
* Learn incident response fundamentals and create an effective incident response framework
* Master forensics investigation utilizing digital investigative techniques
* Contains real-life scenarios that effectively use threat intelligence and modeling techniques
Who This Book Is For
This book is targeted at Information Security professionals, forensics practitioners, and students with knowledge and experience in the use of software applications and basic command-line experience. It will also help professionals who are new to the incident response/digital forensics role within their organization.
What You Will Learn
* Create and deploy incident response capabilities within your organization
* Build a solid foundation for acquiring and handling suitable evidence for later analysis
* Analyze collected evidence and determine the root cause of a security incident
* Learn to integrate digital forensic techniques and procedures into the overall incident response process
* Integrate threat intelligence in digital evidence analysis
* Prepare written documentation for use internally or with external parties such as regulators or law enforcement agencies
In Detail
Digital Forensics and Incident Response will guide you through the entire spectrum of tasks associated with incident response, starting with preparatory activities associated with creating an incident response plan and creating a digital forensics capability within your own organization. You will then begin a detailed examination of digital forensic techniques including acquiring evidence, examining volatile memory, hard drive assessment, and network-based evidence. You will also explore the role that threat intelligence plays in the incident response process. Finally, a detailed section on preparing reports will help you prepare a written report for use either internally or in a courtroom.
By the end of the book, you will have mastered forensic techniques and incident response and you will have a solid foundation on which to increase your ability to investigate such incidents in your organization.
Style and approach
The book covers practical scenarios and examples in an enterprise setting to give you an understanding of how digital forensics integrates with the overall response to cyber security incidents. You will also learn the proper use of tools and techniques to investigate common cyber security incidents such as malware infestation, memory analysis, disk analysis, and network analysis.
A practical guide to deploying digital forensic techniques in response to cyber security incidents
About This Book
* Learn incident response fundamentals and create an effective incident response framework
* Master forensics investigation utilizing digital investigative techniques
* Contains real-life scenarios that effectively use threat intelligence and modeling techniques
Who This Book Is For
This book is targeted at Information Security professionals, forensics practitioners, and students with knowledge and experience in the use of software applications and basic command-line experience. It will also help professionals who are new to the incident response/digital forensics role within their organization.
What You Will Learn
* Create and deploy incident response capabilities within your organization
* Build a solid foundation for acquiring and handling suitable evidence for later analysis
* Analyze collected evidence and determine the root cause of a security incident
* Learn to integrate digital forensic techniques and procedures into the overall incident response process
* Integrate threat intelligence in digital evidence analysis
* Prepare written documentation for use internally or with external parties such as regulators or law enforcement agencies
In Detail
Digital Forensics and Incident Response will guide you through the entire spectrum of tasks associated with incident response, starting with preparatory activities associated with creating an incident response plan and creating a digital forensics capability within your own organization. You will then begin a detailed examination of digital forensic techniques including acquiring evidence, examining volatile memory, hard drive assessment, and network-based evidence. You will also explore the role that threat intelligence plays in the incident response process. Finally, a detailed section on preparing reports will help you prepare a written report for use either internally or in a courtroom.
By the end of the book, you will have mastered forensic techniques and incident response and you will have a solid foundation on which to increase your ability to investigate such incidents in your organization.
Style and approach
The book covers practical scenarios and examples in an enterprise setting to give you an understanding of how digital forensics integrates with the overall response to cyber security incidents. You will also learn the proper use of tools and techniques to investigate common cyber security incidents such as malware infestation, memory analysis, disk analysis, and network analysis.
About This Book
* Learn incident response fundamentals and create an effective incident response framework
* Master forensics investigation utilizing digital investigative techniques
* Contains real-life scenarios that effectively use threat intelligence and modeling techniques
Who This Book Is For
This book is targeted at Information Security professionals, forensics practitioners, and students with knowledge and experience in the use of software applications and basic command-line experience. It will also help professionals who are new to the incident response/digital forensics role within their organization.
What You Will Learn
* Create and deploy incident response capabilities within your organization
* Build a solid foundation for acquiring and handling suitable evidence for later analysis
* Analyze collected evidence and determine the root cause of a security incident
* Learn to integrate digital forensic techniques and procedures into the overall incident response process
* Integrate threat intelligence in digital evidence analysis
* Prepare written documentation for use internally or with external parties such as regulators or law enforcement agencies
In Detail
Digital Forensics and Incident Response will guide you through the entire spectrum of tasks associated with incident response, starting with preparatory activities associated with creating an incident response plan and creating a digital forensics capability within your own organization. You will then begin a detailed examination of digital forensic techniques including acquiring evidence, examining volatile memory, hard drive assessment, and network-based evidence. You will also explore the role that threat intelligence plays in the incident response process. Finally, a detailed section on preparing reports will help you prepare a written report for use either internally or in a courtroom.
By the end of the book, you will have mastered forensic techniques and incident response and you will have a solid foundation on which to increase your ability to investigate such incidents in your organization.
Style and approach
The book covers practical scenarios and examples in an enterprise setting to give you an understanding of how digital forensics integrates with the overall response to cyber security incidents. You will also learn the proper use of tools and techniques to investigate common cyber security incidents such as malware infestation, memory analysis, disk analysis, and network analysis.
A practical guide to deploying digital forensic techniques in response to cyber security incidents
About This Book
* Learn incident response fundamentals and create an effective incident response framework
* Master forensics investigation utilizing digital investigative techniques
* Contains real-life scenarios that effectively use threat intelligence and modeling techniques
Who This Book Is For
This book is targeted at Information Security professionals, forensics practitioners, and students with knowledge and experience in the use of software applications and basic command-line experience. It will also help professionals who are new to the incident response/digital forensics role within their organization.
What You Will Learn
* Create and deploy incident response capabilities within your organization
* Build a solid foundation for acquiring and handling suitable evidence for later analysis
* Analyze collected evidence and determine the root cause of a security incident
* Learn to integrate digital forensic techniques and procedures into the overall incident response process
* Integrate threat intelligence in digital evidence analysis
* Prepare written documentation for use internally or with external parties such as regulators or law enforcement agencies
In Detail
Digital Forensics and Incident Response will guide you through the entire spectrum of tasks associated with incident response, starting with preparatory activities associated with creating an incident response plan and creating a digital forensics capability within your own organization. You will then begin a detailed examination of digital forensic techniques including acquiring evidence, examining volatile memory, hard drive assessment, and network-based evidence. You will also explore the role that threat intelligence plays in the incident response process. Finally, a detailed section on preparing reports will help you prepare a written report for use either internally or in a courtroom.
By the end of the book, you will have mastered forensic techniques and incident response and you will have a solid foundation on which to increase your ability to investigate such incidents in your organization.
Style and approach
The book covers practical scenarios and examples in an enterprise setting to give you an understanding of how digital forensics integrates with the overall response to cyber security incidents. You will also learn the proper use of tools and techniques to investigate common cyber security incidents such as malware infestation, memory analysis, disk analysis, and network analysis.
More details
Product info
Paperback
Edition
1. Auflage
Language
English
Place of publication
Birmingham
United Kingdom
Dimensions
Height: 235 mm
Width: 191 mm
Thickness: 18 mm
Weight
607 gr
ISBN-13
978-1-78728-868-3 (9781787288683)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
New editions
Gerard Johansen
Digital Forensics and Incident Response
Incident response techniques and procedures to respond to modern cyber threats, 2nd Edition
Book
01/2020
2nd Edition
Packt Publishing
€69.10
Shipment within 3-4 weeks
Additional editions
Gerard Johansen
Digital Forensics and Incident Response
A practical guide to deploying digital forensic techniques in response to cyber security incidents
E-Book
06/2024
1st Edition
Packt Publishing Limited
from
€34.79
Available for download
Person
Gerard Johansen is an information security professional with over a decade of experience in such areas as penetration testing, vulnerability management, threat assessment modeling, and incident response. Beginning his information security career while a cybercrime investigator, Gerard has built on that experience while working as a consultant and security analyst for clients and organizations ranging from healthcare to finance. Gerard is a graduate of Norwich University's Masters of Science in Information Assurance and a Certified Information Systems Security Professional.
Gerard is currently employed as an Enterprise Security Manager with a large retailer with a focus on incident detection, response and threat intelligence integration. He has also contributed to several online publications focused on various aspects of penetration testing.
Gerard Johansen is an information security professional with over a decade of experience in such areas as penetration testing, vulnerability management, threat assessment modeling, and incident response. Beginning his information security career while a cybercrime investigator, Gerard has built on that experience while working as a consultant and security analyst for clients and organizations ranging from healthcare to finance. Gerard is a graduate of Norwich University's Masters of Science in Information Assurance and a Certified Information Systems Security Professional.
Gerard is currently employed as an Enterprise Security Manager with a large retailer with a focus on incident detection, response and threat intelligence integration. He has also contributed to several online publications focused on various aspects of penetration testing.
Gerard is currently employed as an Enterprise Security Manager with a large retailer with a focus on incident detection, response and threat intelligence integration. He has also contributed to several online publications focused on various aspects of penetration testing.
Gerard Johansen is an information security professional with over a decade of experience in such areas as penetration testing, vulnerability management, threat assessment modeling, and incident response. Beginning his information security career while a cybercrime investigator, Gerard has built on that experience while working as a consultant and security analyst for clients and organizations ranging from healthcare to finance. Gerard is a graduate of Norwich University's Masters of Science in Information Assurance and a Certified Information Systems Security Professional.
Gerard is currently employed as an Enterprise Security Manager with a large retailer with a focus on incident detection, response and threat intelligence integration. He has also contributed to several online publications focused on various aspects of penetration testing.