Windows Forensics: The Field Guide for Corporate Computer Investigations - Softcover

About the Author

Chad Steel has investigated more than 300 computer security incidents. As an adjunct faculty member, he developed and taught the Computer Forensics graduate course in Penn State's engineering program and has instructed federal and local law enforcement, commercial clients, and graduate students in forensic analysis. His experience includes serving as head of IT investigations for a Global 100 corporation and as managing director of the Systems Integration and Security practice at Qwest Communications.

From the Back Cover

The evidence is in—to solve Windows crime, you need Windows tools

An arcane pursuit a decade ago, forensic science today is a household term. And while the computer forensic analyst may not lead as exciting a life as TV's CSIs do, he or she relies just as heavily on scientific principles and just as surely solves crime.

Whether you are contemplating a career in this growing field or are already an analyst in a Unix/Linux environment, this book prepares you to combat computer crime in the Windows world. Here are the tools to help you recover sabotaged files, track down the source of threatening e-mails, investigate industrial espionage, and expose computer criminals.

• Identify evidence of fraud, electronic theft, and employee Internet abuse
• Investigate crime related to instant messaging, Lotus Notes®, and increasingly popular browsers such as Firefox®
• Learn what it takes to become a computer forensics analyst
• Take advantage of sample forms and layouts as well as case studies
• Protect the integrity of evidence
• Compile a forensic response toolkit
• Assess and analyze damage from computer crime and process the crime scene
• Develop a structure for effectively conducting investigations
• Discover how to locate evidence in the Windows Registry