Incident Response & Computer Forensics, Third Edition

Part 1 PREPARING FOR THE INEVITABLE INCIDENT
1 Real World Incidents
2 IR Management Handbook
3 Pre-Incident Preparation

Part 2 INCIDENT DETECTION AND CHARACTERIZATION
4 Getting the Investigation Started
5 Initial Development of Leads
6 Discovering the Scope of the Incident

Part 3 DATA COLLECTION
7 Live Data Collection
8 Forensic Duplication
9 Network Evidence
10 Enterprise Services

Part 4 DATA ANALYSIS
11 Analysis Methodology
12 Investigating Windows Systems
13 Investigating MacOS Systems
14 Investigating Applications
15 Malware Triage
16 Report Writing

Part 5 REMEDIATION
17 Remediation Introduction
18 Remediation Case Studies

Part 6 APPENDICES
App A Answers to Questions
App B Incident Response Forms

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.The definitive guide to incident response--updated for the first time in a decade!

Thoroughly revised to cover the latest and most effective tools and techniques, Incident Response & Computer Forensics, Third Edition arms you with the information you need to get your organization out of trouble when data breaches occur. This practical resource covers the entire lifecycle of incident response, including preparation, data collection, data analysis, and remediation. Real-world case studies reveal the methodsbehind--and remediation strategies for--today's most insidious attacks.

• Architect an infrastructure that allows for methodical investigation and remediation
• Develop leads, identify indicators of compromise, and determine incident scope
• Collect and preserve live data
• Perform forensic duplication
• Analyze data from networks, enterprise services, and applications
• Investigate Windows and Mac OS X systems
• Perform malware triage
• Write detailed incident response reports
• Create and implement comprehensive remediation plans