Mastering Windows Network Forensics and Investigation
This comprehensive guide provides you with the training you need to arm yourself against phishing, bank fraud, unlawful hacking, and other computer crimes. Two seasoned law enforcement professionals discuss everything from recognizing high-tech criminal activity and collecting evidence to presenting it in a way that judges and juries can understand. They cover the range of skills, standards, and step-by-step procedures you’ll need to conduct a criminal investigation in a Windows environment and make your evidence stand up in court.
What people are saying - Write a review
We haven't found any reviews in the usual places.
account logon events Active Directory analysis attacker audit authentication batch file bookmark Chapter client command compromised configured connection contains created default deleted Description field DHCP directory entry domain account domain controller EnCase encrypted Event ID event log files Event Viewer evidence examine example execution file server file system filter folder forensic function hacker header host hyperlink installed intruder IP address Kerberos Kernel Mode LanMan hash live-analysis located Log Parser MAC address machine malware Master It Solution Microsoft netstat network investigation NTFS NTLM operating system option pane permissions port query record Registry key regmon remote request restore point rootkit shown in Figure shows stored string target timestamp tool user account victim system Windows event log Windows Firewall Windows NT Windows Server 2003 Windows systems Windows XP