Mastering Windows Network Forensics and Investigation
by Steve Anson and Steve Bunting
Sybex 2007 (552 pages)
ISBN: 9780470097625

Written by two seasoned law enforcement professionals, this guide covers the range of skills, standards, and step-by-step procedures you'll need to conduct a criminal investigation in a Windows environment and make your evidence stand up in court.

Table of Contents

Mastering Windows Network Forensics and Investigation
Introduction
Part 1 - Understanding and Exploiting Windows Networks
Chapter 1 - Network Investigation Overview
Chapter 2 - The Microsoft Network Structure
Chapter 3 - Beyond the Windows GUI
Chapter 4 - Windows Password Issues
Chapter 5 - Windows Ports and Services
Part 2 - Analyzing the Computer
Chapter 6 - Live-Analysis Techniques
Chapter 7 - Windows File Systems
Chapter 8 - The Registry Structure
Chapter 9 - Registry Evidence
Chapter 10 - Tool Analysis
Part 3 - Analyzing the Logs
Chapter 11 - Text-Based Logs
Chapter 12 - Windows Event Logs
Chapter 13 - Logon and Account Logon Events
Chapter 14 - Other Audit Events
Chapter 15 - Forensic Analysis of Event Logs
Chapter 16 - Presenting the Results
Appendix A - The Bottom Line
Index
List of Figures
List of Tables
List of Code Examples
List of Sidebars

Back Cover

Conduct Cutting-Edge Forensic Investigations of Computer Crimes.

Whether it's phishing, bank fraud, or unlawful hacking, computer crimes are on the rise, and law enforcement personnel who investigate these crimes must learn how to properly gather forensic evidence in the computer age. Now you can get the training you need in this comprehensive guide from two seasoned law enforcement professionals.

From recognizing high-tech criminal activity and collecting evidence to presenting it in a way that judges and juries can understand, this book covers the range of skills, standards, and step-by-step procedures you'll need to conduct a criminal investigation in a Windows environment and make your evidence stand up in court. The book also covers the emerging field of "live forensics," where investigators examine a system to obtain evidence while it is still running, thus preserving live data that may be lost if the system is shut down.

Responding to a reported computer intrusion
Conducting the initial interview with the victims
Understanding how attackers exploit Windows networks
Deciphering Windows file systems, registries, and more
Analyzing data rapidly using live analysis techniques
Using EnCase(r) for Windows event log analysis
Presenting technically complicated material to juries

About the Authors

Steve Anson, CISSP, MCSE, is a special agent with the Pentagon’s Defense Criminal Investigative Service. He has a master’s degree in computer science as well as numerous industry certifications. As a former contract instructor for the FBI, he has taught hundreds of veteran federal agents, state and local police officers, and intelligence agency employees techniques for conducting computer-intrusion investigations. He also founded and supervised a local police department computer crime and information services unit and served as a task force agent for the FBI. He has conducted investigations involving large-scale computer intrusions, counterterrorism, crimes against children, and many other offenses involving the substantive use of computers.

Steve Bunting is a captain with the University of Delaware Police Department, where he is responsible for computer forensics, video forensics, and investigations involving computers. He has more than thirty years experience in law enforcement, and his background in computer forensics is extensive. He is a Certified Computer Forensics Technician (CCFT) and an EnCase Certified Examiner (EnCE). He was the recipient of the 2002 Guidance Software Certified Examiner Award of Excellence. He has a bachelor’s degree in applied professions/business management from Wilmington College and a computer applications certificate in network environments from the University of Delaware. He has conducted computer forensic examinations for numerous local, state, and federal agencies on a variety of cases, including extortion, homicide, embezzlement, child exploitation, intellectual property theft, and unlawful intrusions into computer systems. He has testified in court on numerous occasions as a computer forensics expert.