Full Description
Incident response and forensic investigation are the processes of detecting attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. This much-needed reference covers the methodologies for incident response and computer forensics, Federal Computer Crime law information and evidence requirements, legal issues, and working with law enforcement. Details how to detect, collect, and eradicate breaches in e-mail and malicious code. CD-ROM is packed with useful tools that help capture and protect forensic data; search volumes, drives, and servers for evidence; and rebuild systems quickly after evidence has been obtained.
Contents
- Acknowledgments
- Introduction
- Chapter 1: Response Essentials
- Chapter 2: Addressing Law Enforcement Considerations
- Chapter 3: Forensic Preparation and Preliminary Response
- Chapter 4: Windows Registry, Recycle Bin, and Data Storage
- Chapter 5: Analyzing and Detecting Malicious Code and Intruders
- Chapter 6: Retrieving and Analyzing Clues
- Chapter 7: Procedures for Collecting and Preserving Evidence
- Chapter 8: Incident Containment and Eradication of Vulnerabilities
- Chapter 9: Disaster Recovery and Follow-Up
- Chapter 10: Responding to Different Types of Incidents
- Chapter 11: Assessing System Security to Prevent Further Attacks
- Chapter 12: Pulling It All Together
- Appendix A: What's on the CD-ROM
- Appendix B: Commonly Attacked Ports
- Appendix C: Field Guidance on USA Patriot Act 2001
- Appendix D: Computer Records and the Federal Rules of Evidence
- Appendix E: Glossary
- Index