Windows Forensics: The Field Guide for Corporate Computer Investigations | |
by Chad Steel | |
John Wiley & Sons 2006 (402 pages) | |
ISBN:9780470038628 | |
Whether you are contemplating a career in this growing field or are already an analyst in a Unix/Linux environment, this book prepares you to combat computer crime in the Windows world. |
Table of Contents | |||
Windows Forensics ”The Field Guide for Conducting Corporate Computer Investigations | |||
Chapter 1 | - | Windows Forensics | |
Chapter 2 | - | Processing the Digital Crime Scene | |
Chapter 3 | - | Windows Forensics Basics | |
Chapter 4 | - | Partitions and File Systems | |
Chapter 5 | - | Directory Structure and Special Files | |
Chapter 6 | - | The Registry | |
Chapter 7 | - | Forensic Analysis | |
Chapter 8 | - | Live System Analysis | |
Chapter 9 | - | Forensic Duplication | |
Chapter 10 | - | File System Analysis | |
Chapter 11 | - | Log File Analysis | |
Chapter 12 | - | Internet Usage Analysis | |
Chapter 13 | - | Email Investigations | |
Appendix A | - | Sample Chain of Custody Form | |
Appendix B | - | Master Boot Record Layout | |
Appendix C | - | Partition Types | |
Appendix D | - | FAT32 Boot Sector Layout | |
Appendix E | - | NTFS Boot Sector Layout | |
Appendix F | - | NTFS Metafiles | |
Appendix G | - | Well-Known SIDs | |
List of Figures | |||
List of Tables | |||
List of Sidebars |