Midlands State University Library
Image from Google Jackets

Windows forensic analysis toolkit : advanced analysis techniques for Windows 8 / created by Harlan Carvey.

By: Material type: TextTextPublication details: Waltham : Syngress, 2014.Edition: Fourth editionDescription: 321 pages. IllustrationsContent type:
  • text
Media type:
  • unmediated
ISBN:
  • 9780124171572
  • 0124171575
Subject(s): LOC classification:
  • HV8079 CAR
Contents:
Preface -- Acknowledgments -- About the Author -- About the technicla Editor -- Analysis Concepts -- Incident preparation -- Volume Shadow Copies -- File Analysis -- Registry Analysis -- Malware Detection -- Timeline Analysis -- Correlating artifacts -- Reporting -- Index.
Summary: When I sat down to update the material for this edition, I wanted to not only include new information that I'd found or developed since the third edition was published, but I also wanted to try to include as much information as possible regarding Windows 8 and 8.1. With Windows 8.1 becoming available while I was updating the book, the inevitable questions were being asked, and invariably it won't be long before we start seeing the systems appear on analyst's workbenches. As such, I've tried to provide as much information as I could with respect to newer versions of Windows (i.e., 8 and 8.1), either by writing it directly into the book or linking to the sources of information on the Internet, when attempting to summarize it would simply not do the content justice. Keep in mind, however, that new information is being discovered and developed all the time, and at some point, I needed to stop writing and submit the book for final review and publishing. I'm sure that even more information will become available during the time between when the book goes to the printer, and when it actually comes out on the shelves at bookstores.
Reviews from LibraryThing.com:
Tags from this library: No tags from this library for this title. Log in to add tags.
Star ratings
    Average rating: 0.0 (0 votes)
Holdings
Item type Current library Call number Copy number Status Date due Barcode
Book Book Harare Campus Library Open Shelf HV8079 CAR (Browse shelf(Opens below)) 153810 Available BK141193
Book Book Harare Campus Library Open Shelf HV8079 CAR (Browse shelf(Opens below)) 153811 Available BK141207
Book Book Main Library Open Shelf HV8079 CAR (Browse shelf(Opens below)) 153812 Available BK141213
Book Book Main Library Open Shelf HV8079 CAR (Browse shelf(Opens below)) 153814 Available BK141210
Book Book Main Library Open Shelf HV8079 CAR (Browse shelf(Opens below)) 153813 Available BK141152
Book Book Main Library Open Shelf HV8079.C65 CAR (Browse shelf(Opens below)) 144362 Available BK130548
Book Book Main Library Open Shelf HV8079.C65 CAR (Browse shelf(Opens below)) 144361 Available BK130518

Includes index.

Preface -- Acknowledgments -- About the Author -- About the technicla Editor -- Analysis Concepts -- Incident preparation -- Volume Shadow Copies -- File Analysis -- Registry Analysis -- Malware Detection -- Timeline Analysis -- Correlating artifacts -- Reporting -- Index.

When I sat down to update the material for this edition, I wanted to not only include new information that I'd found or developed since the third edition was published, but I also wanted to try to include as much information as possible regarding Windows 8 and 8.1. With Windows 8.1 becoming available while I was updating the book, the inevitable questions were being asked, and invariably it won't be long before we start seeing the systems appear on analyst's workbenches. As such, I've tried to provide as much information as I could with respect to newer versions of Windows (i.e., 8 and 8.1), either by writing it directly into the book or linking to the sources of information on the Internet, when attempting to summarize it would simply not do the content justice. Keep in mind, however, that new information is being discovered and developed all the time, and at some point, I needed to stop writing and submit the book for final review and publishing. I'm sure that even more information will become available during the time between when the book goes to the printer, and when it actually comes out on the shelves at bookstores.

There are no comments on this title.

to post a comment.