Mastering Windows Network Forensics and Investigation Paperback – October 15, 2012

ISBN-13: 978-0470097625 ISBN-10: 0470097620 Edition: 1st

Product Details

  • Paperback: 552 pages
  • Publisher: Sybex; 1 edition (October 15, 2012)
  • Language: English
  • ISBN-10: 0470097620
  • ISBN-13: 978-0470097625
  • Product Dimensions: 7.3 x 1.1 x 9.3 inches
  • Shipping Weight: 1.8 pounds
  • Average Customer Review: 4.5 out of 5 stars (15 customer reviews)
  • Amazon Best Sellers Rank: #1,028,725 in Books

Editorial Reviews

From the Back Cover

Conduct Cutting-Edge Forensic Investigations of Computer Crimes.

Whether it's phishing, bank fraud, or unlawful hacking, computer crimes are on the rise, and law enforcement personnel who investigate these crimes must learn how to properly gather forensic evidence in the computer age.

Now you can get the training you need in this comprehensive guide from two seasoned law enforcement professionals. From recognizing high-tech criminal activity and collecting evidence to presenting it in a way that judges and juries can understand, this book covers the range of skills, standards, and step-by-step procedures you’ll need to conduct a criminal investigation in a Windows environment and make your evidence stand up in court.

The book also covers the emerging field of “live forensics,” where investigators examine a system to obtain evidence while it is still running, thus preserving live data that may be lost if the system is shut down.

COVERAGE INCLUDES:

  • Responding to a reported computer intrusion
  • Conducting the initial interview with the victims
  • Understanding how attackers exploit Windows networks
  • Deciphering Windows file systems, registries, and more
  • Analyzing data rapidly using live analysis techniques
  • Examining suspects’ computers
  • Using EnCase® for Windows event log analysis
  • Presenting technically complicated material to juries

About the Author

Steve Anson, CISSP, MCSE, is a special agent with the Pentagon’s Defense Criminal Investigative Service. He has a master’s degree in computer science as well as numerous industry certifications. As a former contract instructor for the FBI, he has taught hundreds of veteran federal agents, state and local police officers, and intelligence agency employees techniques for conducting computer-intrusion investigations. He also founded and supervised a local police department computer crime and information services unit and served as a task force agent for the FBI. He has conducted investigations involving large-scale computer intrusions, counterterrorism, crimes against children, and many other offenses involving the substantive use of computers.

Steve Bunting is a captain with the University of Delaware Police Department, where he is responsible for computer forensics, video forensics, and investigations involving computers. He has more than thirty years' experience in law enforcement, and his background in computer forensics is extensive. He is a Certified Computer Forensics Technician (CCFT) and an EnCase Certified Examiner (EnCE). He was the recipient of the 2002 Guidance Software Certified Examiner Award of Excellence. He has a bachelor’s degree in applied professions/business management from Wilmington College and a computer applications certificate in network environments from the University of Delaware. He has conducted computer forensic examinations for numerous local, state, and federal agencies on a variety of cases, including extortion, homicide, embezzlement, child exploitation, intellectual property theft, and unlawful intrusions into computer systems. He has testified in court on numerous occasions as a computer forensics expert. He has taught computer forensics for Guidance Software, makers of EnCase, and taught as a lead instructor at all course levels. He has been a presenter at several seminars and workshops, is the author of numerous white papers, and is the primary author of the book EnCase Computer Forensics: The Official EnCE: EnCase Certified Examiner Study Guide, which was published by Sybex in early 2006. You can reach him at sbunting@udel.edu.


Customer Reviews

4.5 out of 5 stars

Most Helpful Customer Reviews

8 of 8 people found the following review helpful By Bryan Walker on April 17, 2007
Format: Paperback
As a law enforcement officer, I've often found myself frustrated by books that cover incident response, but never discuss law enforcement involvement, except as an afterthought. While I understand that it's important for corporate and internal investigators to have this type of information, it's refreshing to find a book that talks about the law enforcement response to a computer crime incident.

I've had the privilege of attending classes instructed by both of these authors. One of the things that impressed me about their classes is that they were able to break down complicated technical concepts into terms that cops can understand. They continue to do that in this book.

Computer crime investigators need to add this book to their libraries. I'd say it's a must have.
8 of 8 people found the following review helpful By Amazon Customer on April 13, 2007
Format: Paperback Verified Purchase
I have been a federal agent and computer forensic examiner for over 10 years and this is the first book I have found that covers the areas of network forensics and live analysis techniques. Most books will cover how to conduct a standard forensic exam of a stand-alone computer, but this book goes into detail on how to conduct forensic exams on networks and find the evidence left behind. I really learned a lot through the excellent screen captures and "how tos" that walk you through the process. The authors cover the forensic exam as well as the investigation, which is very helpful.

I highly recommend this book to anyone who works in the arena of computer crime, especially intrusion investigations and computer forensics.
6 of 6 people found the following review helpful By Shea Tisdale on April 21, 2007
Format: Paperback
This book skillfully combines real world network security with law enforcement investigative techniques to deliver a text which will enable you to make the right decisions based on the unique circumstances and facts of each event you are called on to investigate.

I consider this book a must have for anyone in network administration, network security or on a computer emergency response team. The techniques and information contained within are, without a doubt, missing from almost all other books and training you have received.
7 of 8 people found the following review helpful By RP Faber on August 31, 2007
Format: Paperback
The book is about the daunting task to get evidence from computers suited with the Windows Operating System. This book is split in three parts. The first part is to get a basic understanding of how things work and what kind of vulnerabilities there are on a typical Windows machine. Rootkits are touched lightly; although there is some information to get a basic understanding of this complex and threatening technology, there could be expected more.

The second part is about analysing a Windows Computer. Tools and techniques are discussed here and some explanation about the various filesystems. There could be less focus on the "EnCase" suite in my opinion.

The last, and in my opinion best part, is about analysing logs, logparser and how to make your job much easier in gathering information and evidence from a Windows machine. A great part with a wealth of useful tips and tricks. Even if you're not directly involved with forensics.

So the authors of this book discussed the basics of forensic investigation and security techniques and also the reasoning behind them. Overall they did a good job. They are not afraid to point out some other interesting book titles to get even more knowledge about a specific topic. However there could be less focus on "EnCase" and more detailed information about certain topics such as rootkits.

Rob Faber CISSP, CEH, MCSE
Infrastructure architect / Sr. Security consultant
The Netherlands
1 of 1 people found the following review helpful By Robert Scott Swisher on June 18, 2009
Format: Paperback
I read this book to prepare for a computer forensics class. It is one of the best computer books I have read. It covers a lot of material that I wish was covered in my MCSA classes. This book really filled in a lot of holes in my knowledge. The authors make a point of emphasizing real-world skills and pitfalls to avoid. I highly recommend this book for all network admins and investigators.
1 of 1 people found the following review helpful By Mary on October 2, 2012
Format: Paperback
I received this book today. It's early. I actually was looking at the tracking, and didn't realize it had come today. It's bigger than I anticipated. It's in excellent shape. The book is thick, and it's got some small print. No worries, I'm excited to have it. I'm even MORE excited that I got it for just around 8.00 and it retails at 59.99. HOLY COW! I've been waiting for this book to go this low for a long time, and very VERY excited to dig into it. This and my other computer forensics books are going to really mesh well, and the knowledge that I can see just beaming off of it is priceless.

Thank you for the great price, and thank you for the delivery.
By Tom Moody on December 8, 2012
Format: Paperback Verified Purchase
Good book, very informative of today's problems and some exercises to get hands-on practice, not boring to read like most books
By JessHan on April 6, 2010
Format: Paperback Verified Purchase
Very good book for learning a lot of interesting security threats. It brings you through a quick review of network infrastructure, and then dives into how to exploit it, analyze it, and what to look for when conducting an investigation of a Windows network environment.