LEADER 05825nam  2200745Ia 450 
001 9910792087503321
005 20230802012833.0
010   $a1-283-59322-X
010   $a9786613905673
010   $a1-118-21940-6
035   $a(CKB)2560000000093016
035   $a(EBL)821657
035   $a(OCoLC)818853424
035   $a(SSID)ssj0000737217
035   $a(PQKBManifestationID)11439990
035   $a(PQKBTitleCode)TC0000737217
035   $a(PQKBWorkID)10783379
035   $a(PQKB)10174653
035   $a(MiAaPQ)EBC821657
035   $a(MiAaPQ)EBC4031369
035   $a(Au-PeEL)EBL821657
035   $a(CaPaEBR)ebr10596949
035   $a(Au-PeEL)EBL4031369
035   $a(CaPaEBR)ebr11107662
035   $a(CaONFJC)MIL390567
035   $a(OCoLC)927502804
035   $a(EXLCZ)992560000000093016
100   $a20120921d2012      uy             0
101 0 $aeng
135   $aurcn|||||||||
181   $ctxt
182   $cc
183   $acr
200 10$aEncase computer forensics$b[electronic resource] $ethe official ENCE : Encase certified examiner study guide /$fSteve Bunting
205   $a3rd ed.
210   $aIndianapolis, IN $cWiley Pub., Inc.$d2012
215   $a1 online resource (746 p.)
300   $aIncludes index.
311   $a0-470-90106-3 
327   $aEnCase Computer Forensics The Official EnCE: EnCase Certified Examiner Study Guide, Third Edition; Acknowledgments; About the Author; Contents at a Glance; Contents; Table of Exercises; Introduction; Assessment Test; Answers to Assessment Test; Chapter 1: Computer Hardware; The Boot Process; Partitions; File Systems; Summary; Exam Essentials; Review Questions; Chapter 2: File Systems; FAT Basics; NTFS Basics; exFAT; Exam Essentials; Chapter 3: First Response; Planning and Preparation; The Physical Location; Personnel; Computer Systems; What to Take with You Before You Leave
327   $aRecording and Photographing the Scene Seizing Computer Evidence; Bagging and Tagging; Summary; Exam Essentials; Review Questions; Chapter 4: Acquiring Digital Evidence; Booting a Computer Using the EnCase Boot Disk; Other Reasons for Using a DOS Boot; Steps for Using a DOS Boot; Drive-to-Drive DOS Acquisition; Steps for Drive-to-Drive DOS Acquisition; Supplemental Information About Drive-to-Drive DOS Acquisition; Network Acquisitions; Reasons to Use Network Acquisitions; Preparing an EnCase Network Boot Disk; FastBloc 2 Features; Steps for Tableau (FastBloc) Acquisition
327   $aFastBloc SE Acquisitions About FastBloc SE; Steps for FastBloc SE Acquisitions; LinEn Acquisitions; Mounting a File System as Read-Only; Updating a Linux Boot CD with the Latest Version of LinEn; Steps for LinEn Acquisition; Enterprise and FIM Acquisitions; Summary; Exam Essentials; Review Questions; Chapter 5: EnCase Concepts; CRC, MD5, and SHA-1; EnCase Backup Utility; Evidence Cache Folder; Summary; Exam Essentials; Review Questions; Chapter 6: EnCase Environment; Home Screen; EnCase Layout; Creating a Case; Tree Pane Navigation; Disk View; View Pane Navigation; Text View; Hex View
327   $aPicture View Report View; Doc View; Transcript View; File Extents View; Permissions View; Decode View; Field View; Lock Option; Dixon Box; Find Feature; Other Views and Tools; Conditions and Filters; EnScript; Text Styles; Adjusting Panes; Other Views; Global Views and Settings; EnCase Options; Summary; Exam Essentials; Review Questions; Chapter 7: Understanding, Searching For, and Bookmarking Data; Understanding Data; Binary Numbers; Characters; Unicode; Searching for Data; GREP Keywords; Starting a Search; Bookmarking; Summary; Exam Essentials; Review Questions
327   $aChapter 8: File Signature Analysis and Hash AnalysisFile Signature Analysis; Creating a New File Signature; Conducting a File Signature Analysis; Hash Analysis; Summary; Exam Essentials; Review Questions; Chapter 9: Windows Operating System Artifacts; Dates and Times; Time Zones; Windows 64-Bit Time Stamp; Adjusting for Time Zone Offsets; Recycle Bin; Determining the Owner of Files in the Recycle Bin; Using an EnCase Evidence Processor to Determine the Status of Recycle Bin Files; Recycle Bin Bypass; Windows Vista/Windows 7 Recycle Bin; Link Files; Changing the Properties of a Shortcut
327   $aForensic Importance of Link Files
330   $aThe official, Guidance Software-approved book on the newest EnCE exam! The EnCE exam tests that computer forensic analysts and examiners have thoroughly mastered computer investigation methodologies, as well as the use of Guidance Software's EnCase Forensic 7. The only official Guidance-endorsed study guide on the topic, this book prepares you for the exam with extensive coverage of all exam topics, real-world scenarios, hands-on exercises, up-to-date legal information, and sample evidence files, flashcards, and more. Guides readers through preparation for the newest EnCase Ce
606   $aElectronic data processing personnel$xCertification
606   $aComputer security$xExaminations$vStudy guides
606   $aComputer networks$xSecurity measures$xExaminations$vStudy guides
606   $aComputer crimes$xInvestigation$xExaminations$vStudy guides
606   $aForensic sciences$xExaminations$vStudy guides
615  0$aElectronic data processing personnel$xCertification.
615  0$aComputer security$xExaminations
615  0$aComputer networks$xSecurity measures$xExaminations
615  0$aComputer crimes$xInvestigation$xExaminations
615  0$aForensic sciences$xExaminations
676   $a005.8
700   $aBunting$b Steve V$01520001
801  0$bMiAaPQ
801  1$bMiAaPQ
801  2$bMiAaPQ
906   $aBOOK
912   $a9910792087503321
996   $aEncase computer forensics$93758430
997   $aUNINA