购买选项

Kindle电子书价格: ￥203.82

请输入促销代码或礼品卡

“Learn Computer Forensics: A beginner's guide to searching, analyzing, and securing digital evidence (English Edition)”，作者：[William Oettinger]

Learn Computer Forensics: A beginner's guide to searching, analyzing, and securing digital evidence (English Edition) Kindle电子书

英语版本 William Oettinger (作者) 格式: Kindle电子书

109 评论

|

分享 <分享样章>

显示所有格式和版本隐藏其他格式和版本

亚马逊价格

全新品最低价

非全新品最低价

Kindle电子书

"请重试"

￥203.82

—

Kindle电子书
￥203.82 使用我们的免费Kindle阅读软件

Get up and running with collecting evidence using forensics best practices to present your findings in judicial or administrative proceedings

Key Features

Learn the core techniques of computer forensics to acquire and secure digital evidence skillfully
Conduct a digital forensic examination and document the digital evidence collected
Analyze security systems and overcome complex challenges with a variety of forensic investigations

Book Description

A computer forensics investigator must possess a variety of skills, including the ability to answer legal questions, gather and document evidence, and prepare for an investigation. This book will help you get up and running with using digital forensic tools and techniques to investigate cybercrimes successfully.

Starting with an overview of forensics and all the open source and commercial tools needed to get the job done, you'll learn core forensic practices for searching databases and analyzing data over networks, personal devices, and web applications. You'll then learn how to acquire valuable information from different places, such as filesystems, e-mails, browser histories, and search queries, and capture data remotely. As you advance, this book will guide you through implementing forensic techniques on multiple platforms, such as Windows, Linux, and macOS, to demonstrate how to recover valuable information as evidence. Finally, you'll get to grips with presenting your findings efficiently in judicial or administrative proceedings.

By the end of this book, you'll have developed a clear understanding of how to acquire, analyze, and present digital evidence like a proficient computer forensics investigator.

What you will learn

Understand investigative processes, the rules of evidence, and ethical guidelines
Recognize and document different types of computer hardware
Understand the boot process covering BIOS, UEFI, and the boot sequence
Validate forensic hardware and software
Discover the locations of common Windows artifacts
Document your findings using technically correct terminology

Who this book is for

If you're an IT beginner, student, or an investigator in the public or private sector this book is for you.This book will also help professionals and investigators who are new to incident response and digital forensics and interested in making a career in the cybersecurity domain.

基本信息

ASIN ‏ : ‎ B086WBP289
出版社 ‏ : ‎ Packt Publishing; 第 1st 版 (2020年4月30日)
出版日期 ‏ : ‎ 2020年4月30日
语言 ‏ : ‎ 英语
文件大小 ‏ : ‎ 31518 KB
标准语音朗读 ‏ : ‎ 已启用
X-Ray ‏ : ‎ 未启用
生词提示功能 ‏ : ‎ 未启用
纸书页数 ‏ : ‎ 370页
> ISBN ‏ : ‎ 1838648178

亚马逊热销商品排名: 商品里排第194,056名Kindle商店 (查看商品销售排行榜Kindle商店)
- 商品里排第54名Networking & Security（网络与安全）
- 商品里排第104名Law(法律)
- 商品里排第104名Internet & Social Media（互联网及社交媒体）

用户评分:
109 评论

购买此商品的顾客也同时购买

第 1 页, 共 1 页第一页第 1 页, 共 1 页

按Enter键后，此购物功能将继续加载商品。要导航到此轮盘之外，请使用您的标题快捷键，导航到之前或之后的标题。

Rohit Tamma

58

Kindle电子书
¥233.25
Justin Seitz

184

Kindle电子书
¥262.69
Alexis Ahmed

14

Kindle电子书
¥292.11

无顾客评论

5 星 (0%)		0%
4 星 (0%)		0%
3 星 (0%)		0%
2 星 (0%)		0%
1 星 (0%)		0%

评分是如何计算的？

评论该商品

我要写评论

此商品在美国亚马逊上最有用的商品评论

美国亚马逊： 14 条评论

David Papargiris

Outstanding Book for use for Introduction to Digital Forensic Courses

2020年6月2日 - 已在美国亚马逊上发表

已确认购买

This book is very well written and covers all aspects of the digital forensic process, from identification, preservation , acquition and processing of the digital evidence. This book walks you through a digital crime scene and obstacles and planning that should be done. The chapter on Memory forensics was very clearly stated from acquiring it and processing it to the knowledge that some data will change while capturing the RAM. The book is laid out nicely to include report writing and testifying. The author covers both criminal and civil exams, mentions numerous tools from open source to vendor specific. Over all very well written and easy to follow along with the authors numerous real life examples from his years of experiance.

3 个人发现此评论有用

PATRICK ANTOINE

HIGHLY RECOMMENDED FOR NEWCOMERS TO DIGITAL FORENSICS

2021年5月18日 - 已在美国亚马逊上发表

已确认购买

I met Bill many years ago in the Marine Corps when I was a young investigator. I’m pretty sure he recommended that I learn the basics of computer forensics back then but I didn’t listen. Here I am now about 14 years later trying to play catch up. Fortunately Bill’s writing and language is that of a cop and an experienced investigator…NOT an engineer. This book is my go-to guide in my current cybersecurity endeavor and I recently learned that university libraries carry it. HIGHLY recommended for newcomers to digital forensics.

2 个人发现此评论有用

Isha F.

Very Informative and Descriptive!!

2021年9月28日 - 已在美国亚马逊上发表

已确认购买

I’m still reading, however this book is amazing with real life examples, how to pictorials and scenarios a must buy if you’re looking to get into forensics!

Michael Bryan

Easy to Read- Details the go-to artifacts

2020年5月26日 - 已在美国亚马逊上发表

An attempt to capture the entire field of computer forensics in a single volume is a seemingly impossible task. The author does an excellent job of highlighting the most commonly used forensic artifacts in the Windows environment. In addition to covering commonly used artifacts, the author discusses the importance of and format of report writing, ethics, testifying, and digital forensic ideology.
I was sold on the book after the author made the following statement, "Unfortunately, I find many students want to use a "find evidence" button, find all the artifacts, and print up a thousand-page report and call it a day. That is not digital forensics." I would replace the "students" with investigators/digital forensic analysts as I have seen this many times, especially as the paid-tools become more powerful and able to present artifacts in an easy-to-read format. As I read the line, I paused and immediately messaged another examiner with a different agency, as this sentiment is often brought up in our discussions. Paid-tools tempt practitioners to focus on single artifacts as evidence, but the author reminds the reader, "we cannot construe the mere presence of the artifact as a sign of the suspect's guilt (or innocence). The artifact needs to be placed within the context of the user and system activity." New and old forensic examiners need to remember that they are the skilled practitioner, whose job is to speak for the digital evidence. Our job is to examine the evidence as it exists and use the data found to present the truth without regard to the side of the courtroom we sit on. Through the book, the author reminds the reader that the forensic analyst role is to be a neutral evaluator of the evidence.
The book provides an excellent introduction for new examiners or those looking to expand their understanding of the results provided by forensic examiners. The book also can be used as a high-level reference for aspects of Windows forensics that an examiner may not use every day.
The author takes time to direct the reader to free tools and other resources. While he does declare his preference for one of the paid-tool over others, he does explain the free tools and how they can impact the review of a variety of artifacts. I appreciate him directing the reader to outside resources, collections of data, and information that should be marked in everyone's bookmarks.
I found his explanation of the thumbcache's relationship with Windows.edb to be the most concise and useful explanation of how to provide context to thumbcache databases. Thumbcache is a topic I have researched ad nauseam. As an ICAC investigator, items of interest are often found in the thumbcache databases; the ability to put a name on the image allows the image to be tied to other activities to provide context and value.
There are many little nuggets of gold scattered through the book that will be a value to nearly all examiners, if for no other purpose to provide a prewritten, easy-to-understand explanation of the artifacts.
The author's experience and professionalism shine through his writing.

7 个人发现此评论有用

Jason Jordaan

Good Introduction to Windows Computer Forensics

2020年5月5日 - 已在美国亚马逊上发表

While I have not met the author in person, we are both members of the International Association of Computer Investigative Specialists (IACIS), and I have seen his involvement within our community, and know that he is always happy to share what he knows with others in our community. With this book, he has stepped up to the plate to share what is, in my opinion, a really good and solid introductory book in the digital forensics field.

The book itself is written in an easy to read tone, and while technically accurate, is not so technically complex that it would throw off someone entering digital forensics for the first time. The book covers the types of investigations that are typical in digital forensics, the various states of the digital forensics process from start to finish, and specific issues with regards typical forensic artefacts that you will encounter when dealing with a typical Windows endpoint system such as a laptop of desktop.

That being said, I think it is important to point out that this book will provide the most value when dealing with the forensic examination and analysis of computer running the Windows operating system, as the majority of the book focuses on these. If you are looking for the examination and analysis of other operating systems, then this book is not for you (unless of course you are new to the field in which case you would benefit).

While it is not specifically stated in the book, the material covered in the book addresses most of the certification objectives for the Certified Forensic Computer Examiner (CFCE) certification, offered by IACIS. If you are an external candidate planning to achieve this certification, then I would highly recommend this book. In fact, even if you have attended the IACIS BCFE training course and are going to do the certification exam, I would certainly recommend this book to complement your certification preparations.

Well done on a really good book.

5 个人发现此评论有用

页数 : 共370页	更先进的排版模式: 已启用	快速翻书: 已启用
语种：英语

互联网药品信息服务资格证书(京)-非经营性-2012-0005	京公网安备11010502030232号	京ICP备11014788号

增值电信业务经营许可证:合字B2-20090004	营业执照:91110000717883277U	出版物经营许可证

购买选项

或

Learn Computer Forensics: A beginner's guide to searching, analyzing, and securing digital evidence (English Edition) Kindle电子书

Key Features

Book Description

What you will learn

Who this book is for

Table of Contents

基本信息

购买此商品的顾客也同时购买

无顾客评论

评论该商品

此商品在美国亚马逊上最有用的商品评论