Despite efforts to safeguard sensitive data and networks, organizations face an ever-growing threat of cyber crime and security violations. These attacks can occur internally as well as from an external source, and include fraud, copyright infringement, and stolen data. This computer forensics and incident response book provides an organization's internal computer security specialists with a legal method for handling computer misuse as well as a means for securing sensitive data and identifying compromised systems, ultimately saving the organization the high cost of hiring an outside team of computer forensic investigators.
This updated Third Edition includes a comprehensive introduction to computer forensics investigative techniques and provides the knowledge and skills required to conduct a computer forensics investigation from initial discovery to completion. This book also provides the details for an organization's Computer Incident Response Team (CIRT); to collect, manage, and record digital evidence; and to leverage powerful software tools and techniques to uncover hidden or deleted information.
Key topics include: Responding to incidents and investigating computer crime, conducting and managing an investigation, performing disk-based analysis, investigating information-hiding techniques, examining e-mail, tracing internet access, searching memory in real-time, and the forensics challenge competition.