Operating System Forensics
Published on 27. November 2015
Book
Paperback/Softback
386 pages
978-0-12-801949-8 (ISBN)
Description
Operating System Forensics is the first book to cover all three critical operating systems for digital forensic investigations in one comprehensive reference.
Users will learn how to conduct successful digital forensic examinations in Windows, Linux, and Mac OS, the methodologies used, key technical concepts, and the tools needed to perform examinations.
Mobile operating systems such as Android, iOS, Windows, and Blackberry are also covered, providing everything practitioners need to conduct a forensic investigation of the most commonly used operating systems, including technical details of how each operating system works and how to find artifacts.
This book walks you through the critical components of investigation and operating system functionality, including file systems, data recovery, memory forensics, system configuration, Internet access, cloud computing, tracking artifacts, executable layouts, malware, and log files. You'll find coverage of key technical topics like Windows Registry, /etc directory, Web browers caches, Mbox, PST files, GPS data, ELF, and more. Hands-on exercises in each chapter drive home the concepts covered in the book. You'll get everything you need for a successful forensics examination, including incident response tactics and legal requirements. Operating System Forensics is the only place you'll find all this covered in one book.
Users will learn how to conduct successful digital forensic examinations in Windows, Linux, and Mac OS, the methodologies used, key technical concepts, and the tools needed to perform examinations.
Mobile operating systems such as Android, iOS, Windows, and Blackberry are also covered, providing everything practitioners need to conduct a forensic investigation of the most commonly used operating systems, including technical details of how each operating system works and how to find artifacts.
This book walks you through the critical components of investigation and operating system functionality, including file systems, data recovery, memory forensics, system configuration, Internet access, cloud computing, tracking artifacts, executable layouts, malware, and log files. You'll find coverage of key technical topics like Windows Registry, /etc directory, Web browers caches, Mbox, PST files, GPS data, ELF, and more. Hands-on exercises in each chapter drive home the concepts covered in the book. You'll get everything you need for a successful forensics examination, including incident response tactics and legal requirements. Operating System Forensics is the only place you'll find all this covered in one book.
More details
Language
English
Place of publication
Rockland, MA
United States
Target group
Professional and scholarly
Product notice
Paperback (trade)
Unsewn / adhesive bound
Dimensions
Height: 234 mm
Width: 195 mm
Thickness: 25 mm
Weight
842 gr
ISBN-13
978-0-12-801949-8 (9780128019498)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Person
GSEC, CEH, CISSP, WasHere Consulting, Instructor, Graduate Professional Studies, Brandeis University and Champlain College Division of Information Technology & Sciences
Content
Introduction
File Systems
Data Recovery
Memory Forensics
System Configuration
Internet Access
Tracking Artifacts
Log Files
Executable Layouts
Malware
Mobile Operating Systems
New Technologies
Reporting
File Systems
Data Recovery
Memory Forensics
System Configuration
Internet Access
Tracking Artifacts
Log Files
Executable Layouts
Malware
Mobile Operating Systems
New Technologies
Reporting