Book picks similar to
Guide to Computer Forensics and Investigations (Book & CD) by Bill Nelson
textbooks
forensics
tech
textbook
Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet
Eoghan Casey - 1999
Though an increasing number of criminals are using computers and computer networks, few investigators are well-versed in the evidentiary, technical, and legal issues related to digital evidence. As a result, digital evidence is often overlooked, collected incorrectly, and analyzed ineffectively. The aim of this hands-on resource is to educate students and professionals in the law enforcement, forensic science, computer security, and legal communities about digital evidence and computer crime. This work explains how computers and networks function, how they can be involved in crimes, and how they can be used as a source of evidence. As well as gaining a practical understanding of how computers and networks function and how they can be used as evidence of a crime, readers will learn about relevant legal issues and will be introduced to deductive criminal profiling, a systematic approach to focusing an investigation and understanding criminal motivations. Readers will receive access to the author's accompanying Web site which contains simulated cases that integrate many of the topics covered in the text. Frequently updated, these cases teaching individuals about: • Components of computer networks • Use of computer networks in an investigation • Abuse of computer networks • Privacy and security issues on computer networks • The law as it applies to computer networks• Provides a thorough explanation of how computers and networks function, how they can be involved in crimes, and how they can be used as a source of evidence • Offers readers information about relevant legal issues • Features coverage of the abuse of computer networks and privacy and security issues on computer networks• Free unlimited access to author's Web site which includes numerous and frequently updated case examples
The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics
John Sammons - 2011
This book teaches you how to conduct examinations by explaining what digital forensics is, the methodologies used, key technical concepts and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and Internet are discussed. Readers will also learn how to collect evidence, document the scene, and recover deleted data. This is the only resource your students need to get a jump-start into digital forensics investigations.This book is organized into 11 chapters. After an introduction to the basics of digital forensics, the book proceeds with a discussion of key technical concepts. Succeeding chapters cover labs and tools; collecting evidence; Windows system artifacts; anti-forensics; Internet and email; network forensics; and mobile device forensics. The book concludes by outlining challenges and concerns associated with digital forensics. PowerPoint lecture slides are also available.This book will be a valuable resource for entry-level digital forensics professionals as well as those in complimentary fields including law enforcement, legal, and general information security.
File System Forensic Analysis
Brian Carrier - 2005
Now, security expert Brian Carrier has written the definitive reference for everyone who wants to understand and be able to testify about how file system analysis is performed. Carrier begins with an overview of investigation and computer foundations and then gives an authoritative, comprehensive, and illustrated overview of contemporary volume and file systems: Crucial information for discovering hidden evidence, recovering deleted data, and validating your tools. Along the way, he describes data structures, analyzes example disk images, provides advanced investigation scenarios, and uses today's most valuable open source file system analysis tools--including tools he personally developed. Coverage includes Preserving the digital crime scene and duplicating hard disks for dead analysis Identifying hidden data on a disk's Host Protected Area (HPA) Reading source data: Direct versus BIOS access, dead versus live acquisition, error handling, and more Analyzing DOS, Apple, and GPT partitions; BSD disk labels; and Sun Volume Table of Contents using key concepts, data structures, and specific techniques Analyzing the contents of multiple disk volumes, such as RAID and disk spanning Analyzing FAT, NTFS, Ext2, Ext3, UFS1, and UFS2 file systems using key concepts, data structures, and specific techniques Finding evidence: File metadata, recovery of deleted files, data hiding locations, and more Using The Sleuth Kit (TSK), Autopsy Forensic Browser, and related open source tools When it comes to file system analysis, no other book offers this much detail or expertise. Whether you're a digital forensics specialist, incident response team member, law enforcement officer, corporate security specialist, or auditor, this book will become an indispensable resource for forensic investigations, no matter what analysis tools you use.
Network Security Essentials: Applications and Standards
William Stallings - 1999
Covers e-mail security, IP security, Web security, and network management security. Includes a concise section on the discipline of cryptography-covering algorithms and protocols underlying network security applications, encryption, hash functions, digital signatures, and key exchange. For system engineers, engineers, programmers, system managers, network managers, product marketing personnel, and system support specialists.
Hacking Exposed: Network Security Secrets & Solutions
Joel Scambray - 2003
Rather than being a sideline participant, leverage the valuable insights Hacking Exposed 6 provides to help yourself, your company, and your country fight cyber-crime." From the Foreword by Dave DeWalt, President and CEO, McAfee, Inc."For security to be successful in any company, you must ‘think evil' and be attuned to your ‘real risk'...Hacking Expose 6 defines both." Patrick Heim, CISO, Kaiser Permanente"The definitive resource to understanding the hacking mindset and the defenses against it." Vince Rossi, CEO & President, St. Bernard Software"Identity theft costs billions every year and unless you understand the threat, you will be destined to be a victim of it. Hacking Exposed 6 gives you the tools you need to prevent being a victim." Bill Loesch, CTO, Guard ID Systems"This book is current, comprehensive, thoughtful, backed by experience, and appropriately free of vendor-bias-prized features for any security practitioner in need of information." Kip Boyle, CISO, PEMCO Mutual Insurance Company"The Hacking Exposed series has become the definitive reference for security professionals from the moment it was first released, and the 6th edition maintains its place on my bookshelf," Jeff Moss, Founder of the popular Black Hat Security ConferenceMeet the formidable demands of security in today's hyperconnected world with expert guidance from the world-renowned Hacking Exposed team. Following the time-tested "attack-countermeasure" philosophy, this 10th anniversary edition has been fully overhauled to cover the latest insidious weapons in the hacker's extensive arsenal.New and updated material:
New chapter on hacking hardware, including lock bumping, access card cloning, RFID hacks, USB U3 exploits, and Bluetooth device hijacking
Updated Windows attacks and countermeasures, including new Vista and Server 2008 vulnerabilities and Metasploit exploits
The latest UNIX Trojan and rootkit techniques and dangling pointer and input validation exploits
New wireless and RFID security tools, including multilayered encryption and gateways
All-new tracerouting and eavesdropping techniques used to target network hardware and Cisco devices
Updated DoS, man-in-the-middle, DNS poisoning, and buffer overflow coverage
VPN and VoIP exploits, including Google and TFTP tricks, SIP flooding, and IPsec hacking
Fully updated chapters on hacking the Internet user, web hacking, and securing code
Comptia Security+: Get Certified Get Ahead: Sy0-301 Study Guide
Darril Gibson - 2011
The SY0-301 version covers every aspect of the SY0-301 exam, and includes the same elements readers raved about in the previous version. Each of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action. The author uses many of the same analogies and explanations he's honed in the classroom that have helped hundreds of students master the Security+ content. You'll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what's important. Over 450 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes a 100 question pre-test, a 100 question post-test, and practice test questions at the end of every chapter. Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You'll be ready to take and pass the exam the first time you take it. If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you'll be a step ahead for other exams. This SY0-301 study guide is for any IT or security professional interested in advancing in their field, and a must read for anyone striving to master the basics of IT systems security. The author supplements the book with blog posts here: http: //blogs.getcertifiedgetahead.com/. This page provides a full listing of mobile device apps from the author: http: //learnzapp.com/partners/darrilgibson/
Secrets and Lies: Digital Security in a Networked World
Bruce Schneier - 2000
Identity Theft. Corporate Espionage. National secrets compromised. Can anyone promise security in our digital world?The man who introduced cryptography to the boardroom says no. But in this fascinating read, he shows us how to come closer by developing security measures in terms of context, tools, and strategy. Security is a process, not a product – one that system administrators and corporate executives alike must understand to survive.This edition updated with new information about post-9/11 security.
The Art and Science of Java
Eric S. Roberts - 2007
By following the recommendations of the Association of Computing Machinery's Java Task Force, this first edition text adopts a modern objects-first approach that introduces readers to useful hierarchies from the very beginning.KEY TOPICS: Introduction; Programming by Example; Expressions; Statement Forms; Methods; Objects and Classes; Objects and Memory; Strings and Characters; Object-Oriented Graphics; Event-Driven Programs; Arrays and ArrayLists; Searching and Sorting; Collection Classes; Looking Ahead.MARKET: A modern objects-first approach to the Java programming language that introduces readers to useful class hierarchies from the very beginning.
Principles of Information Security
Michael E. Whitman - 2002
Principles of Information Security, Third Edition builds on internationally recognized standards and bodies of knowledge to provide the knowledge and skills that information systems students need for their future roles as business decision-makers. Coverage includes key knowledge areas of the CISSP (Certified Information Systems Security Professional), as well as risk management, cryptography, physical security, and more. The third edition has retained the real-world examples and scenarios that made previous editions so successful, but has updated the content to reflect technology's latest capabilities and trends. With this emphasis on currency and comprehensive coverage, readers can feel confident that they are using a standards-based, content-driven resource to prepare them for their work in the field.
CCENT/CCNA ICND1 100-105 Official Cert Guide
Wendell Odom - 2016
They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam. Master Cisco CCENT/CCNA ICND1 100-105 exam topics Assess your knowledge with chapter-opening quizzes Review key concepts with exam preparation tasks This is the eBook edition of the CCENT/CCNA ICND1 100-105 Official Cert Guide. This eBook does not include the companion CD-ROM with practice exam that comes with the print edition. CCENT/CCNA ICND1 100-105 Official Cert Guide presents you with an organized test-preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. CCENT/CCNA ICND1 100-105 Official Cert Guide from Cisco Press enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Best-selling author and expert instructor Wendell Odom shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. This complete study package includes · A test-preparation routine proven to help you pass the exams · Do I Know This Already? quizzes, which enable you to decide how much time you need to spend on each section · Chapter-ending and part-ending exercises, which help you drill on key concepts you must know thoroughly · Troubleshooting sections, which help you master the complex scenarios you will face on the exam · A free copy of the CCENT ICND1 100-105 Network Simulator Lite software, complete with meaningful lab exercises that help you hone your hands-on skills with the command-line interface for routers and switches · Links to a series of hands-on config labs developed by the author · Online, interactive practice exercises that help you hone your knowledge · More than 90 minutes of video mentoring from the author · A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies · Study plan suggestions and templates to help you organize and optimize your study time Well regarded for its level of detail, study plans, assessment features, challenging review questions and exercises, video instruction, and hands-on labs, this official study guide helps you master the concepts and techniques that ensure your exam success. This official study guide helps you master all the topics on the CCENT/CCNA ICND1 exam, including · Networking fundamentals · Implementing basic Ethernet LANs · Ethernet LANs: design, VLANs, and troubleshooting · IPv4 addressing and subnetting · Implementing IPv4 · IPv4 design and troubleshooting ...
The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory
Michael Hale Ligh - 2014
As a follow-up to the best seller Malware Analyst's Cookbook, experts in the fields of malware, security, and digital forensics bring you a step-by-step guide to memory forensics--now the most sought after skill in the digital forensics and incident response fields.Beginning with introductory concepts and moving toward the advanced, The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory is based on a five day training course that the authors have presented to hundreds of students. It is the only book on the market that focuses exclusively on memory forensics and how to deploy such techniques properly. Discover memory forensics techniques:How volatile memory analysis improves digital investigations Proper investigative steps for detecting stealth malware and advanced threats How to use free, open source tools for conducting thorough memory forensics Ways to acquire memory from suspect systems in a forensically sound manner The next era of malware and security breaches are more sophisticated and targeted, and the volatile memory of a computer is often overlooked or destroyed as part of the incident response process. The Art of Memory Forensics explains the latest technological innovations in digital forensics to help bridge this gap. It covers the most popular and recently released versions of Windows, Linux, and Mac, including both the 32 and 64-bit editions.
Code Complete
Steve McConnell - 1993
Now this classic book has been fully updated and revised with leading-edge practices--and hundreds of new code samples--illustrating the art and science of software construction. Capturing the body of knowledge available from research, academia, and everyday commercial practice, McConnell synthesizes the most effective techniques and must-know principles into clear, pragmatic guidance. No matter what your experience level, development environment, or project size, this book will inform and stimulate your thinking--and help you build the highest quality code. Discover the timeless techniques and strategies that help you: Design for minimum complexity and maximum creativity Reap the benefits of collaborative development Apply defensive programming techniques to reduce and flush out errors Exploit opportunities to refactor--or evolve--code, and do it safely Use construction practices that are right-weight for your project Debug problems quickly and effectively Resolve critical construction issues early and correctly Build quality into the beginning, middle, and end of your project
The Protocols (TCP/IP Illustrated, Volume 1)
W. Richard Stevens - 1993
In eight chapters, it provides the most thorough coverage of TCP available. It also covers the newest TCP/IP features, including multicasting, path MTU discovery and long fat pipes. The author describes various protocols, including ARP, ICMP and UDP. He utilizes network diagnostic tools to actually show the protocols in action. He also explains how to avoid silly window syndrome (SWS) by using numerous helpful diagrams. This book gives you a broader understanding of concepts like connection establishment, timeout, retransmission and fragmentation. It is ideal for anyone wanting to gain a greater understanding of how the TCP/IP protocols work.
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
Dafydd Stuttard - 2007
The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger," Dafydd developed the popular Burp Suite of web application hack tools.
Windows PowerShell Cookbook: The Complete Guide to Scripting Microsoft's Command Shell
Lee Holmes - 2007
Intermediate to advanced system administrators will find more than 100 tried-and-tested scripts they can copy and use immediately.Updated for PowerShell 3.0, this comprehensive cookbook includes hands-on recipes for common tasks and administrative jobs that you can apply whether you’re on the client or server version of Windows. You also get quick references to technologies used in conjunction with PowerShell, including format specifiers and frequently referenced registry keys to selected .NET, COM, and WMI classes.Learn how to use PowerShell on Windows 8 and Windows Server 2012Tour PowerShell’s core features, including the command model, object-based pipeline, and ubiquitous scriptingMaster fundamentals such as the interactive shell, pipeline, and object conceptsPerform common tasks that involve working with files, Internet-connected scripts, user interaction, and moreSolve tasks in systems and enterprise management, such as working with Active Directory and the filesystem