Mastering Windows Network Forensics and Investigation

Description:
This comprehensive guide provides you with the training you need to arm yourself against phishing, bank fraud, unlawful hacking, and other computer crimes. Two seasoned law enforcement professionals discuss everything from recognizing high-tech criminal activity and collecting evidence to presenting it in a way that judges and juries can understand. They cover the range of skills, standards, and step-by-step procedures you’ll need to conduct a criminal investigation in a Windows environment and make your evidence stand up in court.

Product Details:
Author: Steven Anson
Paperback: 552 pages
Publisher: Sybex
Publication Date: April 02, 2007
Language: English
ISBN: 0470097620
Product Length: 9.14 inches
Product Width: 7.39 inches
Product Height: 1.21 inches
Product Weight: 1.77 pounds
Package Length: 9.1 inches
Package Width: 7.2 inches
Package Height: 1.3 inches
Package Weight: 1.75 pounds
Average Customer Rating: based on 12 reviews
Customer Reviews:
Average Customer Review: (12 customer reviews)
Most Helpful Customer Reviews
8 of 8 found the following review helpful:
It's refreshing to finally be part of the "target audience"
Apr 17, 2007
By Bryan Walker
As a law enforcement officer, I've often found myself frustrated by books that cover incident response, but never discuss law enforcement involvement, except as an afterthought. While I understand that it's important for corporate and internal investigators to have this type of information, it's refreshing to find a book that talks about the law enforcement response to a computer crime incident.
I've had the privilege of attending classes instructed by both of these authors. One of the things that impressed me about their classes is that they were able to break down complicated technical concepts into terms that cops can understand. They continue to do that in this book.
Computer crime investigators need to add this book to their libraries. I'd say it's a must have.
8 of 8 found the following review helpful:
Great "How to" for network forensics and live captures
Apr 13, 2007
By Thomas Hyslip
I have been a federal agent and computer forensic examiner for over 10 years and this is the first book I have found that covers the areas of network forensics and live analysis techniques. Most books will cover how to conduct a standard forensic exam of a stand-alone computer, but this book goes into detail on how to conduct forensic exams on networks and find the evidence left behind. I really learned a lot through the excellent screen captures and "how tos" that walk you through the process. The authors cover the forensic exam as well as the investigation, which is very helpful.
I highly recommend this book to anyone who works in the arena of computer crime, especially intrusion investigations and computer forensics.
6 of 6 found the following review helpful:
A must have for network security administrators and computer/network crime investigators.
Apr 21, 2007
By Shea Tisdale
This book skillfully combines real world network security with law enforcement investigative techniques to deliver a text which will enable you to make the right decisions based on the unique circumstances and facts of each event you are called on to investigate.
I consider this book a must have for anyone in network administration, network security or on a computer emergency response team. The techniques and information contained within are, without a doubt, missing from almost all other books and training you have received.
7 of 8 found the following review helpful:
Good but could be better...
Aug 31, 2007
By RP Faber
"Rob Faber [CISSP, CEH, MCTS, MCSE]"
The book is about the daunting task of getting evidence from computers running the Windows Operating System. This book is split into three parts. The first part is to get a basic understanding of how things work and what kind of vulnerabilities there are on a typical Windows machine. Rootkits are touched on lightly; although there is some information to get a basic understanding of this complex and threatening technology, more could be expected.
The second part is about analysing a Windows Computer. Tools and techniques are discussed here and some explanation about the various filesystems. There could be less focus on the "EnCase" suite in my opinion.
The last, and in my opinion best, part is about analysing logs, logparser and how to make your job much easier in gathering information and evidence from a Windows machine. A great part with a wealth of useful tips and tricks. Even if you're not directly involved with forensics.
So the authors of this book discussed the basics of forensic investigation and security techniques and also the reasoning behind them. Overall they did a good job. They are not afraid to point out some other interesting book titles to get even more knowledge about a specific topic. However there could be less focus on "EnCase" and more detailed information about certain topics such as rootkits.
Rob Faber CISSP, CEH, MCSE Infrastructure architect / Sr. Security consultant The Netherlands
1 of 1 found the following review helpful:
Outstanding Book
Jun 18, 2009
By Robert Scott Swisher
I read this book to prepare for a computer forensics class. It is one of the best computer books I have read. It covers a lot of material that I wish was covered in my MCSA classes. This book really filled in a lot of holes in my knowledge. The authors make a point of emphasizing real-world skills and pitfalls to avoid. I highly recommend this book for all network admins and investigators.