Mastering Windows Network Forensics and Investigation, 2nd Edition


An authoritative guide to investigating high-technology crimes

Internet crime is seemingly ever on the rise, making the need for a comprehensive resource on how to investigate these crimes even more dire. This professional-level book, aimed at law enforcement personnel, prosecutors, and corporate investigators, provides you with the training you need in order to acquire the sophisticated skills and software solutions to stay one step ahead of computer criminals.

  • Specifies the techniques needed to investigate, analyze, and document a criminal act on a Windows computer or network
  • Places a special emphasis on how to thoroughly investigate criminal activity and not just perform the initial response
  • Walks you through ways to present technically complicated material in simple terms that will hold up in court
  • Features content fully updated for Windows Server 2008 R2 and Windows 7
  • Covers the emerging field of Windows Mobile forensics

Also included is a classroom support package to ensure academic adoption. Mastering Windows Network Forensics and Investigation, 2nd Edition offers help for investigating high-technology crimes.

Table of Contents
Part 1: Understanding and Exploiting Windows Networks
Chapter 1. Network Investigation Overview
Chapter 2. The Microsoft Network Structure
Chapter 3. Beyond the Windows GUI
Chapter 4. Windows Password Issues
Chapter 5. Windows Ports and Services

Part 2: Analyzing the Computer
Chapter 6. Live-Analysis Techniques
Chapter 7. Windows Filesystems
Chapter 8. The Registry Structure
Chapter 9. Registry Evidence
Chapter 10. Introduction to Malware

Part 3: Analyzing the Logs
Chapter 11. Text-Based Logs
Chapter 12. Windows Event Logs
Chapter 13. Logon and Account Logon Events
Chapter 14. Other Audit Events
Chapter 15. Forensic Analysis of Event Logs

Part 4: Results, the Cloud, and Virtualization
Chapter 16. Presenting the Results
Chapter 17. The Challenges of Cloud Computing and Virtualization

Part 5: Appendices
Appendix A. The Bottom Line
Appendix B. Test Environments

Book Details

  • Paperback: 696 pages
  • Publisher: Sybex; 2nd Edition (June 2012)
  • Language: English
  • ISBN-10: 1118163826
  • ISBN-13: 978-1118163825