The all-new edition of this security bestseller reveals the most relevant and up-to-date incident response techniques, tools, and case scenarios. Incident Response & Computer Forensics, Third Edition arms you with the right know-how to react quickly and efficiently to the daily onslaught of data breaches that hit all organizations worldwide. This new edition is chock-full of updates about tools and techniques as well as real-world scenarios reflecting today's most common types of incidents. Specific, detailed advice covers all aspects of incident investigation and handling, with an emphasis on forensics. Special features highlight important tips for security practitioners: the Law Enforcement feature that appears throughout all chapters provides advice on when and how law enforcement must be informed; the What Can Happen feature shows how badly certain scenarios could turn out (with non-action or wrong-action) and why; the Where to Look feature guides you through the fastest routes to key evidence; and the Eye Witness feature details relevant real-world cases for context and urgency.
Part I: Introduction to Incident Response covers real-world incidents, an introduction to the incident response process, preparation for incident response, and what happens after the detection of an incident. Part II: Data Collection covers live data collection from Windows and UNIX systems, forensic duplication, collecting network-based evidence, and evidence handling. Part III: Data Analysis covers computer system storage fundamentals, data analysis techniques, investigating Windows and UNIX systems, analyzing network traffic, investigating hacker tools, investigating routers, and writing computer forensic reports.
The most technically rigorous handbook on incident handling available All-new advice on architecting networks from the ground-up to fight intrusions New details on streamlining intrusion diagnoses for faster recovery New coverage of: log file and massive data analysis; memory analysis; social media portals to entry; malware analysis; and mobile device-originated breaches New real-world scenarios added throughout exemplify the latest, most prevalent incident types New and up-to-date methods for investigating and assessing hackers' latest tools A forensics-forward approach to handling and protecting sensitive data without further compromising systems
Jason T. Luttgens is a former technical director of the security consulting firm Mandiant where he led dozens of global investigations involving industrial espionage, cardholder data theft, and other crimes. A veteran of the U.S. Air Force, he served in the Office of Special Investigations and at the Department of Defense's Computer Forensics Laboratory. Matthew Pepe is a senior technical director and co-founder of Mandiant where he has led numerous investigations, serves as a subject matter expert, and developed the forensic capabilities that are in use today. A veteran of the U.S. Air Force, he served in the Office of Special Investigations' Computer Forensics Laboratory. Kevin Mandia is senior vice president and chief operating officer of FireEye. He founded Mandiant in 2004 and served as the chief executive officer. While in the U.S. Air Force, Kevin served as a computer security officer at the Pentagon and as a special agent in the Air Force Office of Special Investigations.
Number Of Pages:
- ID: 9780071798686
3rd Revised edition
- Saver Delivery: Yes
- 1st Class Delivery: Yes
- Courier Delivery: Yes
- Store Delivery: Yes
Prices are for internet purchases only. Prices and availability in WHSmith Stores may vary significantly
© Copyright 2013 - 2016 WHSmith and its suppliers.
WHSmith High Street Limited Greenbridge Road, Swindon, Wiltshire, United Kingdom, SN3 3LD, VAT GB238 5548 36