Packt is proud to announce the release of its new book, Computer Forensics with FTK, by Fernando Carbone. The book explores the functionality of FTK Imager and explains how to use its features, with step-by-step guidance on conducting computer investigations. The book has 110 pages and costs $22.99, while the eBook is $11.89.
About the Author:
Fernando Carbone is the Director of the Forensic Technology Services practice in PwC Brazil, based in São Paulo, with more than 15 years of work experience divided between information security and computer forensics. He specializes in assisting companies in digital crime investigations, electronic discovery process, and litigation technical support. He has worked in the financial industry (Unibanco and Itau) for seven years, and has participated in investigation projects and computer forensics involving more than 100,000 assets. He was responsible for the creation of the incident response team at these institutions. He is currently a professor of the computer forensics postgraduate course at Universidade Presbiteriana Mackenzie and Impact Tecnologia. He is certified in EnCE, ACE, CHFI, CEH, Security+, CoBIT, ITIL, ISO 27002, and others. He has a Network Computers degree from Instituto Brasileiro de Tecnologia Avançada (IBTA), a postgraduate degree in Information Security, and a postgraduate degree in Project Management, both from IBTA. This is his first book.
FTK, or Forensic Toolkit, is computer forensics software. The FTK platform, with the ability to collect and analyze digital evidence quickly and with integrity, is a great solution to carrying out activities such as conducting proper audits and tap the use of proper resources. It is extremely useful for conducting digital investigations, which allows a thorough investigation to be conducted through a single tool and ensures the integrity of evidence. Readers will be introduced to the background of Computer Forensics, which includes the types of digital devices that can be acquired and how to prepare for a new investigation.
Readers will also become acquainted with the FTK architecture and learn how to leverage its features in order to help them find evidence as fast as possible. This book will also explain the memory forensics technique, using the memory dump feature of FTK Imager. Furthermore, readers will learn how to extract some important information such as process and DLL information, Sockets, and Driver List Open Handles. It is hard to find technical information on this tool and that’s where this book will come in handy, helping professionals perform their activities more efficiently.
Computer Forensics with FTK covers the following topics:
Chapter 1: Getting Started with Computer Forensics Using FTK
Chapter 2: Working with FTK Imager
Chapter 3: Working with Registry View
Chapter 4: Working with FTK Forensics
Chapter 5: Processing the Case
Chapter 6: New Features of FTK 5
Chapter 7: Working with PRTK
This tutorial-based guide is great for readers who want to conduct digital investigations with an integrated platform. Whether they are new to Computer Forensics or have some experience, this book will help them get started with FTK so they can analyze evidence effectively and efficiently. For more information, please visit http://www.packtpub.com/computer-forensics-with-ftk/book
|Computer Forensics with FTK|
|Conduct increasingly challenging and more applicable digital investigations for generating effective evidence using the FTK platform
For more information, please visit: http://www.packtpub.com/computer-forensics-with-ftk/book