MARC details
| 000 -LEADER |
|---|
| fixed length control field |
02606nam a2200241Ia 4500 |
| 003 - CONTROL NUMBER IDENTIFIER |
|---|
| control field |
NULRC |
| 005 - DATE AND TIME OF LATEST TRANSACTION |
|---|
| control field |
20250520100607.0 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
|---|
| fixed length control field |
250520s9999 xx 000 0 und d |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
9781597497275 |
| 040 ## - CATALOGING SOURCE |
|---|
| Transcribing agency |
NULRC |
| 050 ## - LIBRARY OF CONGRESS CALL NUMBER |
|---|
| Classification number |
HV 8079.C65 .C37 2012 |
| 100 ## - MAIN ENTRY--PERSONAL NAME |
|---|
| Personal name |
Carvey, Harlan A. |
| Relator term |
author |
| 245 #0 - TITLE STATEMENT |
|---|
| Title |
Windows forensic analysis toolkit : |
| Remainder of title |
advanced analysis techniques for Windows 7 / |
| Statement of responsibility, etc. |
Harlan Carvey |
| 250 ## - EDITION STATEMENT |
|---|
| Edition statement |
Third edition. |
| 260 ## - PUBLICATION, DISTRIBUTION, ETC. |
|---|
| Place of publication, distribution, etc. |
Rockland, Massachusetts : |
| Name of publisher, distributor, etc. |
Syngress, |
| Date of publication, distribution, etc. |
c2012 |
| 300 ## - PHYSICAL DESCRIPTION |
|---|
| Extent |
xxi, 296 pages : |
| Other physical details |
illustrations ; |
| Dimensions |
24 cm. |
| 365 ## - TRADE PRICE |
|---|
| Price amount |
USD57.05 |
| 504 ## - BIBLIOGRAPHY, ETC. NOTE |
|---|
| Bibliography, etc. note |
Includes bibliographical references. |
| 505 ## - FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Chapter 1 Analysis Concepts -- Chapter 2 Immediate response -- Chapter 3 Volume shadow copies -- Chapter 4 File analysis -- Chapter 5 Registry analysis -- Chapter 6 Malware detection -- Chapter 7 Timeline analysis -- Chapter 8 Application analysis. |
| 520 ## - SUMMARY, ETC. |
|---|
| Summary, etc. |
Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7 provides an overview of live and postmortem response collection and analysis methodologies for Windows 7. It considers the core investigative and analysis concepts that are critical to the work of professionals within the digital forensic analysis community, as well as the need for immediate response once an incident has been identified. Organized into eight chapters, the book discusses Volume Shadow Copies (VSCs) in the context of digital forensics and explains how analysts can access the wealth of information available in VSCs without interacting with the live system or purchasing expensive solutions. It also describes files and data structures that are new to Windows 7 (or Vista), Windows Registry Forensics, how the presence of malware within an image acquired from a Windows system can be detected, the idea of timeline analysis as applied to digital forensic analysis, and concepts and techniques that are often associated with dynamic malware analysis. Also included are several tools written in the Perl scripting language, accompanied by Windows executables. This book will prove useful to digital forensic analysts, incident responders, law enforcement officers, students, researchers, system administrators, hobbyists, or anyone with an interest in digital forensic analysis of Windows 7 systems. Timely 3e of a Syngress digital forensic bestseller Updated to cover Windows 7 systems, the newest Windows version New online companion website houses checklists, cheat sheets, free tools, and demos. |
| 650 ## - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name entry element |
COMPUTER CRIMES -- INVESTIGATION -- UNITED STATES -- METHODOLOGY |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) |
|---|
| Source of classification or shelving scheme |
Library of Congress Classification |
| Koha item type |
Books |
