Imperial Library
Index
Cover image
Title page
Table of Contents
Copyright
Dedication
Preface
Intended Audience
Organization of This Book
DVD Contents
Acknowledgments
About the Author
About the Technical Editor
Chapter 1. Analysis Concepts
Introduction
Analysis concepts
Setting up an analysis system
Summary
Chapter 2. Incident Preparation
Introduction
Being prepared to respond
Data collection
Business models
Summary
Chapter 3. Volume Shadow Copies
Introduction
What are “volume shadow copies”?
Live systems
Acquired images
Windows 8
Summary
Reference
Chapter 4. File Analysis
Information in This Chapter
Introduction
MFT
Event logs
Recycle bin
Prefetch files
Scheduled tasks
Jump lists
Hibernation files
Application files
Summary
References
Chapter 5. Registry Analysis
Introduction
Registry analysis
Summary
References
Chapter 6. Malware Detection
Information in This Chapter
Introduction
Malware Characteristics
Detecting Malware
Summary
References
Chapter 7. Timeline Analysis
Introduction
Timelines
Creating Timelines
Case Study
Summary
Chapter 8. Correlating Artifacts
Introduction
How-Tos
Summary
Chapter 9. Reporting
Introduction
Goals
Case Notes
Reporting
Summary
Index