Computer Forensics with FTK
|Also available on:|
- Receive step-by-step guidance on conducting computer investigations
- Explore the functionality of FTK Imager and learn to use its features effectively
- Conduct increasingly challenging and more applicable digital investigations for generating effective evidence using the FTK platform
Book DetailsLanguage : English
Paperback : 110 pages [ 235mm x 191mm ]
Release Date : March 2014
ISBN : 1783559020
ISBN 13 : 9781783559022
Author(s) : Fernando Carbone
Topics and Technologies : All Books, Other
Table of Contents
Chapter 1: Getting Started with Computer Forensics Using FTK
Chapter 2: Working with FTK Imager
Chapter 3: Working with Registry View
Chapter 4: Working with FTK Forensics
Chapter 5: Processing the Case
Chapter 6: New Features of FTK 5
Chapter 7: Working with PRTK
Please let us know if you have found any errors not listed on this list by completing our errata submission form. Our editors will check them and add them to this list. Thank you.
Errata- 1 submitted: last submission 21 Mar 2014
Page no. 23 | Errata type: Layout
The step number 5 appearing on this page is part of the step number 4 without the numbered bullet 5.
This way, the step just before the screenshot on this page should be as follows:
4. Click on Capture Memory to start the process as shown in the following screenshot:
What you will learn from this book
- Get started with Computer Forensics using the FTK platform to conduct your digital investigation
- Acquire different types of digital devices with integrity
- Find evidence in Windows registry hives using Registry View
- Understand the use of PRTK for password recovery
- Narrowing the case using filters and keyword searches
- Analyze Internet artifacts and e-mail messages
- Report results using the bookmarks features
- Learn tips and tricks to get the most out of your digital investigation results
With the increase of electronic crimes and the need to constantly audit the proper use of resources, companies need qualified professionals and appropriate tools to carry out these activities. The FTK platform, with the ability to collect and analyze digital evidence quickly and with integrity, is a great solution to help professionals achieve these goals. It is extremely useful for conducting digital investigations, helping you conduct a thorough investigation through a single tool and ensure the integrity of evidence. It is hard to find technical information on this tool and that’s where this book will come in handy, helping professionals perform their activities with greater excellence.
This tutorial leads by example, providing you with everything you need to use FTK and the tools included such as FTK Imager, Registry View, and PRTK in order to enhance your Computer Forensics knowledge in an easier and more efficient way.
You will be introduced to the background of Computer Forensics, which include the types of digital devices that can be acquired and how to prepare for a new case of investigation. You will become acquainted with the FTK architecture and learn how to leverage its features in order to help you find the evidence as fast as possible. Through this book, you will also learn the memory forensics technique using the memory dump feature of FTK Imager. Furthermore, you will learn how to extract some important information such as process and DLL information, Sockets, and Driver List Open Handles.
To conclude your tutorial, you will learn how to extract information from Windows Registry and how to recover passwords from the system and files. You will find this book an invaluable supplement to teach you all the steps required for the completion of investigations on digital media and to generate consistent and irrefutable evidence in court.
This tutorial contains detailed instructions with useful integrated examples that help you understand the main features of FTK and how you can use it to analyze evidence. This book has clear and concise guidance in an easily accessible format.
Who this book is for
This tutorial-based guide is great for you if you want to conduct digital investigations with an integrated platform. Whether you are new to Computer Forensics or have some experience, this book will help you get started with FTK so you can analyze evidence effectively and efficiently. If you are a law enforcement official, corporate security, or IT professional who needs to evaluate the evidentiary value of digital evidence, then this book is ideal for you.