Steve Anson - Böcker
Visar alla böcker från författaren Steve Anson. Handla med fri frakt och snabb leverans.
2 produkter
2 produkter
539 kr
Skickas inom 5-8 vardagar
An authoritative guide to investigating high-technology crimes Internet crime is seemingly ever on the rise, making the need for a comprehensive resource on how to investigate these crimes even more dire. This professional-level book--aimed at law enforcement personnel, prosecutors, and corporate investigators--provides you with the training you need in order to acquire the sophisticated skills and software solutions to stay one step ahead of computer criminals. Specifies the techniques needed to investigate, analyze, and document a criminal act on a Windows computer or networkPlaces a special emphasis on how to thoroughly investigate criminal activity and now just perform the initial responseWalks you through ways to present technically complicated material in simple terms that will hold up in courtFeatures content fully updated for Windows Server 2008 R2 and Windows 7Covers the emerging field of Windows Mobile forensicsAlso included is a classroom support package to ensure academic adoption, Mastering Windows Network Forensics and Investigation, 2nd Edition offers help for investigating high-technology crimes.
335 kr
Skickas inom 7-10 vardagar
Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including: Preparing your environment for effective incident responseLeveraging MITRE ATT&CK and threat intelligence for active network defenseLocal and remote triage of systems using PowerShell, WMIC, and open-source toolsAcquiring RAM and disk images locally and remotelyAnalyzing RAM with Volatility and RekallDeep-dive forensic analysis of system drives using open-source or commercial toolsLeveraging Security Onion and Elastic Stack for network security monitoringTechniques for log analysis and aggregating high-value logsStatic and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo SandboxDetecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many moreEffective threat hunting techniquesAdversary emulation with Atomic Red TeamImproving preventive and detective controls