Digital Forensics and Incident Response

A practical guide to deploying digital forensic techniques in response to cyber security incidents

Gerard Johansen

Book Details

ISBN 13: 9781787288683
Paperback: 324 pages

Book Description

Digital Forensics and Incident Response will guide you through the entire spectrum of tasks associated with incident response, starting with preparatory activities associated with creating an incident response plan and creating a digital forensics capability within your own organization. You will then begin a detailed examination of digital forensic techniques including acquiring evidence, examining volatile memory, hard drive assessment, and network-based evidence. You will also explore the role that threat intelligence plays in the incident response process. Finally, a detailed section on preparing reports will help you prepare a written report for use either internally or in a courtroom.

By the end of the book, you will have mastered forensic techniques and incident response and you will have a solid foundation on which to increase your ability to investigate such incidents in your organization.

Table of Contents

Chapter 1: Incident Response
  • The incident response process
  • The incident response framework
  • The incident response plan
  • The incident response playbook
  • Summary

Chapter 2: Forensic Fundamentals
  • Legal aspects
  • Digital forensic fundamentals
  • Summary

Chapter 3: Network Evidence Collection
  • Preparation
  • Network device evidence
  • Packet capture
  • Evidence collection
  • Summary

Chapter 4: Acquiring Host-Based Evidence
  • Preparation
  • Evidence volatility
  • Evidence acquisition
  • Evidence collection procedures
  • Non-volatile data
  • Summary

Chapter 5: Understanding Forensic Imaging
  • Overview of forensic imaging
  • Preparing a stage drive
  • Imaging
  • Summary

Chapter 6: Network Evidence Analysis
  • Analyzing packet captures
  • Analyzing network log files
  • Summary

Chapter 7: Analyzing System Memory
  • Memory evidence overview
  • Memory analysis
  • Summary

Chapter 8: Analyzing System Storage
  • Forensic platforms
  • Summary

Chapter 9: Forensic Reporting
  • Documentation overview
  • Incident tracking
  • Written reports
  • Summary

Chapter 10: Malware Analysis
  • Malware overview
  • Malware analysis overview
  • Analyzing malware
  • Dynamic analysis
  • Summary

Chapter 11: Threat Intelligence
  • Threat intelligence overview
  • Threat intelligence methodology
  • Threat intelligence direction
  • Threat intelligence sources
  • Threat intelligence platforms
  • Using threat intelligence
  • Summary

What You Will Learn

  • Create and deploy incident response capabilities within your organization
  • Build a solid foundation for acquiring and handling suitable evidence for later analysis
  • Analyze collected evidence and determine the root cause of a security incident
  • Learn to integrate digital forensic techniques and procedures into the overall incident response process
  • Integrate threat intelligence in digital evidence analysis
  • Prepare written documentation for use internally or with external parties such as regulators or law enforcement agencies
