Computer Forensics: Incident Response Essentials

3.9 avg rating (29 ratings by Goodreads)
 
9780201707199: Computer Forensics: Incident Response Essentials

Every computer crime leaves tracks—you just have to know where to find them. This book shows you how to collect and analyze the digital evidence left behind in a digital crime scene.

Computers have always been susceptible to unwanted intrusions, but as the sophistication of computer technology increases so does the need to anticipate, and safeguard against, a corresponding rise in computer-related criminal activity.

Computer forensics, the newest branch of computer security, focuses on the aftermath of a computer security incident. The goal of computer forensics is to conduct a structured investigation to determine exactly what happened, who was responsible, and to perform the investigation in such a way that the results are useful in a criminal proceeding.

Written by two experts in digital investigation, Computer Forensics provides extensive information on how to handle the computer as evidence. Kruse and Heiser walk the reader through the complete forensics process—from the initial collection of evidence through the final report. Topics include an overview of the forensic relevance of encryption, the examination of digital evidence for clues, and the most effective way to present your evidence and conclusions in court. Unique forensic issues associated with both the Unix and the Windows NT/2000 operating systems are thoroughly covered.

This book provides a detailed methodology for collecting, preserving, and effectively using evidence by addressing the three A's of computer forensics:

  • Acquire the evidence without altering or damaging the original data.
  • Authenticate that your recorded evidence is the same as the original seized data.
  • Analyze the data without modifying the recovered data.

Computer Forensics is written for everyone who is responsible for investigating digital criminal incidents or who may be interested in the techniques that such investigators use. It is equally helpful to those investigating hacked web servers, and those who are investigating the source of illegal pornography.




"synopsis" may belong to another edition of this title.

Review:

Computer security is a crucial aspect of modern information management, and one of the latest buzzwords is incident response--detecting and reacting to security breaches. Computer Forensics offers information professionals a disciplined approach to implementing a comprehensive incident-response plan, with a focus on being able to detect intruders, discover what damage they did, and hopefully find out who they are.

There is little doubt that the authors are serious about cyberinvestigation. They advise companies to "treat every case like it will end up in court," and although this sounds extreme, it is good advice. Upon detecting a malicious attack on a system, many system administrators react instinctively. This often involves fixing the problem with minimal downtime, then providing the necessary incremental security to protect against an identical attack. The authors warn that this approach often contaminates evidence and makes it difficult to track the perpetrator. This book describes how to maximize system uptime while protecting the integrity of the "crime scene."

The bulk of Computer Forensics details the technical skills required to become an effective electronic sleuth, with an emphasis on providing a well-documented basis for a criminal investigation. The key to success is becoming a "white hat" hacker in order to combat the criminal "black hat" hackers. The message is clear: if you're not smart enough to break into someone else's system, you're probably not smart enough to catch someone breaking into your system. In this vein, the authors use a number of technical examples and encourage the readers to develop expertise in Unix/Linux and Windows NT fundamentals. They also provide an overview of a number of third-party tools, many of which can be used for both tracking hackers and to probe your own systems.

The authors explain their investigative techniques via a number of real-world anecdotes. It is striking that many of the same hacks detailed in Cliff Stoll's classic The Cuckoo's Egg are still in use over 10 years later--both on the criminal and investigative fronts. It is up to individual companies whether or not to pursue each attempted security violation as a potential criminal case, but Computer Forensics provides a strong argument to consider doing so. --Pete Ostenson

Topics covered: Overview of computer crime investigative response, including extensive descriptions of hacking techniques. Frequent examples are used to demonstrate how to extract evidence from a violated computer system. Appendices include sample incident-response forms.

"About this title" may belong to another edition of this title.

Top Search Results from the AbeBooks Marketplace

1.

Kruse, Warren G.
Published by Pearson Education (2001)
ISBN 10: 0201707195 ISBN 13: 9780201707199
New Quantity Available: > 20
Print on Demand
Seller:
Pbshop
(Wood Dale, IL, U.S.A.)

Book Description Pearson Education, 2001. PAP. Book Condition: New. New Book. Shipped from US within 10 to 14 business days. THIS BOOK IS PRINTED ON DEMAND. Established seller since 2000. Bookseller Inventory # IQ-9780201707199

Buy New
US$ 32.68

Shipping: US$ 3.99
Within U.S.A.

2.

Kruse, Warren G. II
Published by Addison-Wesley Professional 9/26/2001 (2001)
ISBN 10: 0201707195 ISBN 13: 9780201707199
New Paperback or Softback Quantity Available: 10
Seller:
BargainBookStores
(Grand Rapids, MI, U.S.A.)

Book Description Addison-Wesley Professional 9/26/2001, 2001. Paperback or Softback. Book Condition: New. Computer Forensics: Incident Response Essentials. Book. Bookseller Inventory # BBS-9780201707199

Buy New
US$ 39.55

Shipping: FREE
Within U.S.A.

3.

Warren G. Kruse, Jay G. Heiser
Published by Addison-Wesley Professional (2001)
ISBN 10: 0201707195 ISBN 13: 9780201707199
New Paperback Quantity Available: 1
Seller:
Solr Books
(Skokie, IL, U.S.A.)

Book Description Addison-Wesley Professional, 2001. Paperback. Book Condition: New. Ships Fast! Satisfaction Guaranteed!. Bookseller Inventory # mon0000572686

Buy New
US$ 36.27

Shipping: US$ 3.99
Within U.S.A.

4.

Kruse II, Warren G.
Published by Addison-Wesley Professional (2017)
ISBN 10: 0201707195 ISBN 13: 9780201707199
New Paperback Quantity Available: > 20
Print on Demand
Seller:
Murray Media
(North Miami Beach, FL, U.S.A.)

Book Description Addison-Wesley Professional, 2017. Paperback. Book Condition: New. Never used! This item is printed on demand. Bookseller Inventory # 0201707195

Buy New
US$ 39.59

Shipping: US$ 1.99
Within U.S.A.

5.

Warren G. Kruse, Jay G. Heiser
Published by Pearson Education (US), United States (2001)
ISBN 10: 0201707195 ISBN 13: 9780201707199
New Paperback Quantity Available: 10
Print on Demand
Seller:
The Book Depository US
(London, United Kingdom)

Book Description Pearson Education (US), United States, 2001. Paperback. Book Condition: New. Language: English. Brand New Book. Print on Demand. Bookseller Inventory # APC9780201707199

Buy New
US$ 45.61

Shipping: FREE
From United Kingdom to U.S.A.

6.

Kruse, Warren G.
Published by Pearson Education (2001)
ISBN 10: 0201707195 ISBN 13: 9780201707199
New Quantity Available: > 20
Print on Demand
Seller:
Books2Anywhere
(Fairford, GLOS, United Kingdom)

Book Description Pearson Education, 2001. PAP. Book Condition: New. New Book. Delivered from our UK warehouse in 4 to 14 business days. THIS BOOK IS PRINTED ON DEMAND. Established seller since 2000. Bookseller Inventory # IQ-9780201707199

Buy New
US$ 34.01

Shipping: US$ 12.01
From United Kingdom to U.S.A.

7.

Warren G. Kruse, Jay G. Heiser
Published by Pearson Education (US), United States (2001)
ISBN 10: 0201707195 ISBN 13: 9780201707199
New Paperback Quantity Available: 10
Print on Demand
Seller:
The Book Depository
(London, United Kingdom)

Book Description Pearson Education (US), United States, 2001. Paperback. Book Condition: New. Language: English. Brand New Book. Print on Demand. Bookseller Inventory # APC9780201707199

Buy New
US$ 46.85

Shipping: FREE
From United Kingdom to U.S.A.

8.

Warren G. Kruse
Published by Addison-Wesley Professional
ISBN 10: 0201707195 ISBN 13: 9780201707199
New Paperback Quantity Available: > 20
Seller:
BuySomeBooks
(Las Vegas, NV, U.S.A.)

Book Description Addison-Wesley Professional. Paperback. Book Condition: New. 416 pages. This item ships from multiple locations. Your book may arrive from Roseburg, OR, La Vergne, TN. Paperback. Bookseller Inventory # 9780201707199

Buy New
US$ 47.71

Shipping: FREE
Within U.S.A.

9.

Kruse II, Warren G.; Heiser, Jay G.
Published by Addison-Wesley Professional (2001)
ISBN 10: 0201707195 ISBN 13: 9780201707199
New Paperback Quantity Available: 10
Seller:
Ergodebooks
(RICHMOND, TX, U.S.A.)

Book Description Addison-Wesley Professional, 2001. Paperback. Book Condition: New. Bookseller Inventory # INGM9780201707199

Buy New
US$ 44.78

Shipping: US$ 4.99
Within U.S.A.

10.

Kruse II, Warren G.; Heiser, Jay G.
Published by Addison-Wesley Professional
ISBN 10: 0201707195 ISBN 13: 9780201707199
New PAPERBACK Quantity Available: > 20
Seller:
Russell Books
(Victoria, BC, Canada)

Book Description Addison-Wesley Professional. PAPERBACK. Book Condition: New. 0201707195 Special order direct from the distributor. Bookseller Inventory # ING9780201707199

Buy New
US$ 54.99

Shipping: US$ 7.00
From Canada to U.S.A.
