Author | Prosise, Chris |
---|---|
Title | Incident response & computer forensics [electronic resource] / Chris Prosise, Kevin Mandia |
Imprint | New York : McGraw-Hill/Osborne, c2003 |
Edition | 2nd ed |
Connect to | http://www.netLibrary.com/urlapi.asp?action=summary&v=1&bookid=99011 |
Descript | xxix, 507 p. : ill |
Real-world incidents -- Introduction to the incident response process -- Preparing for incident response -- After detection of an incident -- Live Data Collection from Windows systems -- Live data collection from Unix systems -- Forensic duplication -- Collecting network-based evidence -- Evidence handling -- Computer system storage fundamentals -- Data analysis techniques -- Investigating Windows systems -- Investigating Unix systems -- Analyzing network traffic -- Investigating hacker tools -- Investigating routers -- Writing computer forensic reports -- Appendixes