• Computer Forensics: Incident Response Essentials

    by  • July 29, 2009 • A-C, Incident Response / Forensics

    Rating four

    The Bottom Line

    This book is a great place for someone to start into the field of computer forensics. Written in a style most can follow it provides a solid foundation of the tools and tricks of the trade.
    Pros
    • Easy to read- not too technical
    • Complete overview of forensic tools and techniques
    • Great as a primer or a reference source
    Cons
    • May not offer much to experienced forensics techs

    Description

    • A concise and solid explanation of the fundamentals of computer forensics and incident response
    • Covers multiple platforms- Windows, Macintosh, DOS, *Nix
    • The basic steps of acquiring, authenticating and analyzing evidence are timeless
    • Provides an understanding which can be used as a springboard to more technical books

    Review:

    This book is a couple years old now, but the fundamentals remain essentially the same. Kruse and Heiser are seasoned experts in computer forensics and incident response and they have managed to boil down years of knowledge and experience into a format that is easy to read and understand. While security experts may not learn anything new from this book, those entering the field will find it invaluable. It is comprehensive and detailed while remaining easy to read. The foundation provided by reading and understanding this book can be used to move forward into more technical areas. Computer Forensics is not fluff by any means though and could easily be kept nearby as a handy reference for a computer forensic investigation.

    About

    Tony has driven security policies and technologies for antivirus and incident response for Fortune 500 companies, and he has been network administrator and technical support for smaller companies. He has written for a variety of other Web sites and publications, including BizTech Magazine, PC World, SearchSecurity.com, WindowsNetworking.com, Smart Computing magazine, and Information Security magazine. Tony is a CISSP (Certified Information Systems Security Professional) and ISSAP (Information Systems Security Architecture Professional). He is Microsoft Certified as an MCSE (Microsoft Certified Systems Engineer) and MCSA (Microsoft Certified Systems Administrator) in Windows 2000 and an MCP (Microsoft Certified Professional) in Windows NT. Tony has been recognized by Microsoft as an MVP (Most Valuable Professional) in Windows security since 2006. In addition to his Web site and magazine contributions, Tony was also tech editor of PCI Compliance (ISBN: 1597491659 ) and author of Essential Computer Security: Everyone’s Guide to E-mail, Internet, and Wireless Security (ISBN: 1597491144), coauthor of Hacker’s Challenge 3 (ISBN: 0072263040) and a contributing author to Winternals: Defragmentation, Recovery, and Administration Field Guide (ISBN: 1597490792), Combating Spyware in the Enterprise (ISBN: 1597490644) Syngress Force 2006 Emerging Threat Analysis: From Mischief to Malicious (ISBN: 1597490563), Botnets: The Killer Web Applications (ISBN: 1597491357), and AVIEN Malware Defense Guide for the Enterprise (ISBN: 1597491640).

    http://www.tonybradley.com