Computer Forensics with FTK

Written by a specialist in digital crime, this book helps you leverage the power of the FTK platform to conduct penetrating computer forensic investigations. With a step-by-step approach, it clarifies even the most complex processes.

Fernando Carbone

Book Details

ISBN 13: 9781783559022
Paperback: 110 pages

Book Description

With the increase of electronic crimes and the need to constantly audit the proper use of resources, companies need qualified professionals and appropriate tools to carry out these activities. The FTK platform, with the ability to collect and analyze digital evidence quickly and with integrity, is a great solution to help professionals achieve these goals. It is extremely useful for conducting digital investigations, helping you conduct a thorough investigation through a single tool and ensure the integrity of evidence. It is hard to find technical information on this tool and that’s where this book will come in handy, helping professionals perform their activities with greater excellence.

This tutorial leads by example, providing you with everything you need to use FTK and the tools included such as FTK Imager, Registry View, and PRTK in order to enhance your Computer Forensics knowledge in an easier and more efficient way.

You will be introduced to the background of Computer Forensics, which includes the types of digital devices that can be acquired and how to prepare for a new investigation case. You will become acquainted with the FTK architecture and learn how to leverage its features to help you find the evidence as fast as possible. Through this book, you will also learn the memory forensics technique using the memory dump feature of FTK Imager. Furthermore, you will learn how to extract important information such as process and DLL information, sockets, the driver list, and open handles.

To conclude your tutorial, you will learn how to extract information from Windows Registry and how to recover passwords from the system and files. You will find this book an invaluable supplement to teach you all the steps required for the completion of investigations on digital media and to generate consistent and irrefutable evidence in court.

Table of Contents

Chapter 1: Getting Started with Computer Forensics Using FTK
Downloading FTK
Summary
Chapter 2: Working with FTK Imager
Data storage media
Acquisition tools
Image formats
The FTK Imager interface
The FTK Imager functionality
Summary
Chapter 3: Working with Registry View
Understanding the Windows registry structure
The main feature of Registry Viewer
Integrating with FTK
Summary
Chapter 4: Working with FTK Forensics
Introducing computer forensics and FTK
Managing groups and users
Creating a new investigation case
Summary
Chapter 5: Processing the Case
Changing the time zone
Mounting compound files
File and folder export
Column settings
Creating and managing bookmarks
The Additional Analysis feature
Carving the data
Narrowing the case with KFF
Searching the case
Working with filters
Reporting the case
Summary
Chapter 6: New Features of FTK 5
Distributed processing
Encryption support
Data visualization
The Single-node enterprise
Advanced volatile and memory analysis
Explicit Image Detection
Malware triage and analysis with Cerberus
Mobile Phone Examiner
Summary
Chapter 7: Working with PRTK
An overview of PRTK
Understanding the PRTK interface
Creating and managing dictionaries
Starting a session for password recovery
DNA
Summary

What You Will Learn

  • Get started with Computer Forensics using the FTK platform to conduct your digital investigation
  • Acquire different types of digital devices with integrity
  • Find evidence in Windows registry hives using Registry View
  • Understand the use of PRTK for password recovery
  • Narrow the case using filters and keyword searches
  • Analyze Internet artifacts and e-mail messages
  • Report results using the bookmarks features
  • Learn tips and tricks to get the most out of your digital investigation results
