?If your job requires investigating compromised Windows hosts, you must read Windows Forensic Analysis.? ?Richard Bejtlich, Coauthor of Real Digital Forensics and Amazon.com Top 500 Book Reviewer
?The Registry Analysis chapter alone is worth the price of the book.? ?Troy Larson, Senior Forensic Investigator of Microsoft?s IT Security Group
?I also found that the entire book could have been written on just registry forensics. However, in order to create broad appeal, the registry section was probably shortened. You can tell Harlan has a lot more to tell.? ?Rob Lee, Instructor and Fellow at the SANS Technology Institute, coauthor of Know Your Enemy: Learning About Security Threats, 2E
Windows Forensic Analysis DVD Toolkit, 2E replaces the first edition as the most comprehensive and thorough resource on incident response and forensic analysis of Windows systems available, providing information and resources not available anywhere else. This book covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. It also brings this material to the doorstep of system administrators, who are often the frontline troops when an incident occurs, but due to staffing and budgets do not have the necessary knowledge to respond effectively. The companion DVD contains significant new and updated materials (movies, spreadsheet, code, etc.) not available any place else, because they were created and maintained by the author.
In the two years since the first edition was originally published, cybercrime has continued to increase, and the criminals committing the crimes have continued to become more sophisticated. Analysts and investigators need up-to-date information to stay one step ahead, whether they?re examining a
CD-ROM or DVD not included in the ebook version
We do not deliver the extra material sometimes included in printed books (CDs or DVDs).