Summary:Learn secrets and strategies for recovering from computer crime incidents.
Incident Response: Investigating Computer Crime describes the methods and techniques necessary to perform a professional and successful response to computer security incidents.
Key features include:
- Provides an insider's perspective on the incident response process that has never been disclosed or published!
- Includes real case scenarios with insightful tips on how to respond to computer crime incidents.
- Gain FBI insider information from authors Chris Prosise and Kevin Mandia who are well-recognized network security, forensics and incident response trainers and consultants.
Respond to security breaches and hacker attacks the right way with help from this insightful and practical guide. You'll get details on the entire computer forensic process and learn the importance of following specific procedures immediately after a computer crime incident occurs. Investigate various software including UNIX, Windows NT, Windows 2000, and application servers. Packed with technical examples and loads of how-to scenarios, this book will show you how to recognize unauthorized access, uncover unusual or hidden files, and monitor Web traffic. Detailed, authoritative, and up to date--
Incident Response is the only book you need.
- Plan and prepare for all stages of an investigation--including detection, initial response, management interaction, and more
- Learn the importance of evidence handling and storage
- Perform a "trap and trace" and learn network protocols
- Monitor network traffic and detect illicit servers and covert channels
- Investigate Web server attacks, DNS attacks, and router attacks
