Title: Windows forensic analysis [electronic resource] DVD toolkit / Harlan Carvey
Author: Carvey, Harlan A.
Published: Burlington, MA : Syngress Pub., c2007
Description: 1 online resource (386 p.)
ISBN: 1-281-11265-8; 9786611112653; 0-08-055644-2; 1-59749-156-X
Format: BOOK
Classification: 363.25/0968
Source: UNINA

Notes: "Incident response and cybercrime investigation secrets"--Cover. Includes bibliographical references and index.

Contents: Cover; Contents; Preface; Chapter 1: Live Response: Collecting Volatile Data; Introduction; Live Response; What Data to Collect; Nonvolatile Information; Live-Response Methodologies; Chapter 2: Live Response: Data Analysis; Introduction; Data Analysis; Chapter 3: Windows Memory Analysis; Introduction; Dumping Physical Memory; Analyzing a Physical Memory Dump; Collecting Process Memory; Chapter 4: Registry Analysis; Introduction; Inside the Registry; Registry Analysis; Chapter 5: File Analysis; Introduction; Event Logs; File Metadata; Alternative Methods of Analysis; Chapter 6: Executable File Analysis; Introduction; Static Analysis; Dynamic Analysis; Chapter 7: Rootkits and Rootkit Detection; Introduction; Rootkits; Rootkit Detection; Index

Summary: The only book available on the market that addresses and discusses in-depth forensic analysis of Windows systems. Windows Forensic Analysis DVD Toolkit takes the reader to a whole new, undiscovered level of forensic analysis for Windows systems, providing unique information and resources not available anywhere else. This book covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. This book also brings this material to the doorstep of system administrators, who

Subjects:
Computer crimes -- Investigation -- United States -- Methodology
Computer crimes -- Investigation -- Methodology
Computer networks -- Security measures
Internet -- Security measures
Computer security