| | |  | Secure Communications | Home » » Computer Forensics: Incident Response Essentials | | | | | | | Description: | | Written by two experts in digital investigation, and provides extensive information on how to handle the computer as evidence. Softcover. | | | Product Details: | | | Author:
| Warren G. Kruse | | Paperback:
| 416 pages | | Publisher:
| Addison-Wesley Professional | | Publication Date:
| October 06, 2001 | | Language:
| English | | ISBN:
| 0201707195 | | Package Length:
| 9.06 inches | | Package Width:
| 7.32 inches | | Package Height:
| 0.87 inches | | Package Weight:
| 1.37 pounds | | Average Customer Rating:
|  based on 22 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
Write an online review and share your thoughts with other customers.
 Computer Forensics by Warren KruseNov 02, 2008
This is a comprehensive overview of forensic collection, preservation, data analysis and best practices for defensibility when pressed by opposing counsel and / or the courts.
Jim Ramsey
 Computer ForensicsMay 21, 2007
This book is good for those not familiar computers. It keeps the material at a high level for the layman. Do not purchase if you are intending to receive in depth, technical analysis and techniques for training as a professional investigator. If you are just trying to gain an overview of the topic, this book should fulfill your requirements. It does a good job of directing the reader to appropriate external resources and tools to perform the forensic tasks the book discusses.
5 of 5 found the following review helpful:
Great for general computer forensics informationMar 03, 2005
Computer Forensics, Incident Response Essentials, is a great book for two groups of people:
1) All computer forensics investigators looking for a better description of the process of collecting and analyzing
data. The book provides great descriptions of the methods for maintaining chain of custody and storage. This is done through the use of example forms and scenarios. Since evidence handling principles are easily overlooked, this book seeks to provide pragmatic techniques for proper evidence preservation.
2) Someone interesting in learning what computer forensics is about. This book is great at providing a high-level description of what computer forensics is used for and how it works. The book does not go into intricate detail on any one software package. Instead, it provides you with a great overview description of numerous software packages and tools. By doing this, the reader can attain a better understanding of what value computer forensics can provide. Since the field is relatively new, it is important for people to understand what computer forensics is capable of.
I highly recommend this book if you are just getting into the field, or if you are tired of reading books that continually tout Encase as the only solution. This book is a critical addition to any computer forensic investigators library.
1 of 1 found the following review helpful:
Good Introduction to Computer Forensics InvestigationsFeb 06, 2005
This book is a couple years old now, but the fundamentals remain essentially the same. Kruse and Heiser are seasoned experts in computer forensics and incident response and they have managed to boil down years of knowledge and experience into a format that is easy to read and understand. While security experts may not learn anything new from this book, those entering the field will find it invaluable. It is comprehensive and detailed while remaining easy to read. The foundation provided by reading and understanding this book can be used to move forward into more technical areas. Computer Forensics is not fluff by any means though and could easily be kept nearby as a handy reference for a computer forensic investigation.
(...)
0 of 2 found the following review helpful:
Great book!Dec 31, 2004
Very readable and interesting.
The authors really know what they are talking about.
| | |
|
