國立高雄大學圖資館 |

語系: 繁體中文

說明(常見問題)

圖資館首頁

登入

回首頁

切換: 標籤 | MARC模式 | ISBD

Windows forensicsunderstand analysis...

Easttom, Chuck.

Windows forensicsunderstand analysis techniques for your windows /

紀錄類型:	書目-電子資源 : Monograph/item
正題名/作者:	Windows forensicsby Chuck Easttom ... [et al.].
其他題名:	understand analysis techniques for your windows /
其他作者:	Easttom, Chuck.
出版者:	Berkeley, CA :Apress :2024.
面頁冊數:	xxiii, 470 p. :ill., digital ;24 cm.
Contained By:	Springer Nature eBook
標題:	Computer crimesInvestigation.
電子資源:	https://doi.org/10.1007/979-8-8688-0193-8
ISBN:	9798868801938$q(electronic bk.)

Windows forensicsunderstand analysis techniques for your windows /
Windows forensicsunderstand analysis techniques for your windows /[electronic resource] :by Chuck Easttom ... [et al.]. - Berkeley, CA :Apress :2024. - xxiii, 470 p. :ill., digital ;24 cm.

Chapter 1: Introduction to Windows -- Chapter 2: Forensics Concepts -- Chapter 3: Creating Forensic Images Using OSForensics, FTK Imager, and Autopsy -- Chapter 4: Windows File Artifacts -- Chapter 5: Windows Registry Part 1 -- Chapter 6: Windows Registry Part 2 -- Chapter 7: Windows Shadow Copy -- Chapter 8: Windows Memory Forensics -- Chapter 9: PowerShell Forensics -- Chapter 10: Web Browser Forensics -- Chapter 11: Windows Email Forensics -- Chapter 12: Microsoft Azure and Cloud Forensics -- Chapter 13: Data-Hiding Techniques in Windows -- Appendix A: Volatility Cheat Sheet -- Appendix B: Windows Registry Cheat Sheet.

This book is your comprehensive guide to Windows forensics. It covers the process of conducting or performing a forensic investigation of systems that run on Windows operating systems. It also includes analysis of incident response, recovery, and auditing of equipment used in executing any criminal activity. The book covers Windows registry, architecture, and systems as well as forensic techniques, along with coverage of how to write reports, legal standards, and how to testify. It starts with an introduction to Windows followed by forensic concepts and methods of creating forensic images. You will learn Windows file artefacts along with Windows Registry and Windows Memory forensics. And you will learn to work with PowerShell scripting for forensic applications and Windows email forensics. Microsoft Azure and cloud forensics are discussed and you will learn how to extract from the cloud. By the end of the book you will know data-hiding techniques in Windows and learn about volatility and a Windows Registry cheat sheet. What Will You Learn Understand Windows architecture Recover deleted files from Windows and the recycle bin Use volatility and PassMark volatility workbench Utilize Windows PowerShell scripting for forensic applications.

ISBN: 9798868801938$q(electronic bk.)

Standard No.: 10.1007/979-8-8688-0193-8doiSubjects--Uniform Titles:

Microsoft Windows (Computer file)
Subjects--Topical Terms:

203448
Computer crimes
--Investigation.

LC Class. No.: QA76.76.M52

Dewey Class. No.: 005.8

Windows forensicsunderstand analysis techniques for your windows /
LDR:02905nmm a2200325 a 4500 001 659579
003 DE-He213
005 20240530101701.0
006 m d
007 cr nn 008maaau
008 240927s2024 cau s 0 eng d
020 $a 9798868801938$q(electronic bk.)
020 $a 9798868801921$q(paper)
024 7 $a 10.1007/979-8-8688-0193-8 $2 doi
035 $a 979-8-8688-0193-8
040 $a GP $c GP
041 0 $a eng
050 4 $a QA76.76.M52
072 7 $a UMP $2 bicssc
072 7 $a COM051380 $2 bisacsh
072 7 $a UMP $2 thema
082 0 4 $a 005.8 $2 23
090 $a QA76.76.M52 $b W765 2024
245 0 0 $a Windows forensics $h [electronic resource] : $b understand analysis techniques for your windows / $c by Chuck Easttom ... [et al.].
260 $a Berkeley, CA : $b Apress : $b Imprint: Apress, $c 2024.
300 $a xxiii, 470 p. : $b ill., digital ; $c 24 cm.
505 0 $a Chapter 1: Introduction to Windows -- Chapter 2: Forensics Concepts -- Chapter 3: Creating Forensic Images Using OSForensics, FTK Imager, and Autopsy -- Chapter 4: Windows File Artifacts -- Chapter 5: Windows Registry Part 1 -- Chapter 6: Windows Registry Part 2 -- Chapter 7: Windows Shadow Copy -- Chapter 8: Windows Memory Forensics -- Chapter 9: PowerShell Forensics -- Chapter 10: Web Browser Forensics -- Chapter 11: Windows Email Forensics -- Chapter 12: Microsoft Azure and Cloud Forensics -- Chapter 13: Data-Hiding Techniques in Windows -- Appendix A: Volatility Cheat Sheet -- Appendix B: Windows Registry Cheat Sheet.
520 $a This book is your comprehensive guide to Windows forensics. It covers the process of conducting or performing a forensic investigation of systems that run on Windows operating systems. It also includes analysis of incident response, recovery, and auditing of equipment used in executing any criminal activity. The book covers Windows registry, architecture, and systems as well as forensic techniques, along with coverage of how to write reports, legal standards, and how to testify. It starts with an introduction to Windows followed by forensic concepts and methods of creating forensic images. You will learn Windows file artefacts along with Windows Registry and Windows Memory forensics. And you will learn to work with PowerShell scripting for forensic applications and Windows email forensics. Microsoft Azure and cloud forensics are discussed and you will learn how to extract from the cloud. By the end of the book you will know data-hiding techniques in Windows and learn about volatility and a Windows Registry cheat sheet. What Will You Learn Understand Windows architecture Recover deleted files from Windows and the recycle bin Use volatility and PassMark volatility workbench Utilize Windows PowerShell scripting for forensic applications.
630 0 0 $a Microsoft Windows (Computer file) $3 202481
650 0 $a Computer crimes $x Investigation. $3 203448
650 0 $a Computer networks $x Security measures. $3 185597
650 0 $a Computer security. $3 184416
650 1 4 $a Microsoft. $3 915087
700 1 $a Easttom, Chuck. $3 238061
710 2 $a SpringerLink (Online service) $3 273601
773 0 $t Springer Nature eBook
856 4 0 $u https://doi.org/10.1007/979-8-8688-0193-8
950 $a Professional and Applied Computing (SpringerNature-12059)