Qty:1
  • List Price: $62.95
  • Save: $23.47 (37%)
Only 19 left in stock (more on the way).
Ships from and sold by Amazon.com.
Gift-wrap available.
Virtualization and Forens... has been added to your Cart
+ $3.99 shipping
Used: Like New | Details
Sold by ramdistributors
Condition: Used: Like New
Comment: USED LIKE NEW BOOK, SHELF WEAR, NICE COPY, 100% 30 DAYS MONEY BACK GUARANTEE,FAST SHIPPING _B273
Access codes and supplements are not guaranteed with used items.
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Virtualization and Forensics: A Digital Forensic Investigator's Guide to Virtual Environments Paperback – June 1, 2010

19 customer reviews
ISBN-13: 978-1597495578 ISBN-10: 1597495573 Edition: 1st

Buy New
Price: $39.48
36 New from $34.49 23 Used from $29.66
Rent from Amazon Price New from Used from
Kindle
"Please retry"
$15.86
Paperback
"Please retry"
$39.48
$34.49 $29.66
Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student


Hero Quick Promo
Save up to 90% on Textbooks
Rent textbooks, buy textbooks, or get up to 80% back when you sell us your books. Shop Now
$39.48 FREE Shipping. Only 19 left in stock (more on the way). Ships from and sold by Amazon.com. Gift-wrap available.

Frequently Bought Together

Virtualization and Forensics: A Digital Forensic Investigator's Guide to Virtual Environments + Cloud Storage Forensics
Price for both: $98.39

Buy the selected items together

Editorial Reviews

From the Back Cover

Virtualization creates new and difficult challenges for forensic investigations. Operating systems and applications running in virtualized environments often leave few traces, yielding little evidence with which to conduct an investigation.

Virtualization and Forensics offers an in-depth view into the world of virtualized environments and the implications they have on forensic investigations. Part I explains the process of virtualization and the different types of virtualized environments. Part II details how virtualization interacts with the basic forensic process, describing the methods used to find virtualization artifacts in dead and live environments as well as identifying the virtual activities that affect the examination process. Part III address advanced virtualization issues, such as the challenges of virtualized environments, cloud computing, and the future of virtualization. After reading this book, you’ll be equipped to conduct investigations in these environments with confidence.

About the Author

Diane Barrett has been a contract forensic examiner at ForenTech since Oct. 2006 and is Professor for Computer Forensics and Network Security programs at the University of Advancing Technology. Additionally, Diane is the Faculty Council Chair for the systems development group and teaches several short online classes for web-based learning sites such as HP and Forbes. CCNA, CISSP, ISSMP, IAM/IEM Certified Steganographer, CCE Certificate of completion.

Gregory Kipper is a futurist and strategic forecaster in emerging technologies. He specialized in IT security and information assurance for 17 years, working for the last 11 years in the fields of digital forensics and the impacts emerging technologies have on crime and crime fighting. Mr. Kipper has been the keynote speaker at select industry events, a digital forensics instructor, and a trusted advisor to both the government and commercial sectors. He has published books in the fields of digital forensics and emerging technologies, including: "Investigator's Guide to Steganography," "Wireless Crime and Forensic Investigation," and "Virtualization and Forensics."
NO_CONTENT_IN_FEATURE
Shop the new tech.book(store)
New! Introducing the tech.book(store), a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Product Details

  • Paperback: 272 pages
  • Publisher: Syngress; 1 edition (June 1, 2010)
  • Language: English
  • ISBN-10: 1597495573
  • ISBN-13: 978-1597495578
  • Product Dimensions: 7.5 x 0.6 x 9.2 inches
  • Shipping Weight: 1 pounds (View shipping rates and policies)
  • Average Customer Review: 3.6 out of 5 stars  See all reviews (19 customer reviews)
  • Amazon Best Sellers Rank: #1,560,585 in Books (See Top 100 in Books)

More About the Authors

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

15 of 15 people found the following review helpful By Mike on November 4, 2010
Format: Paperback Vine Customer Review of Free Product ( What's this? )
As a virtualization professional (full disclosure: i work at VMware), i was very interested in reading this book. However i was very disappointed. When reading the section on server virtualization, i was surprised to find that the author made no mention of ESXi nor ESX in the discussion of VMware's solution - which is probably the most likely virtualization OS that a forensics professional would encounter.

The book reads like a preliminary draft of a master thesis; basically providing a survey of some of the literature and tools available for forensics. Very little detail is given and pages are wasted with screen shots of the various virtualization platform tools and lists of files, which could have easily been provided on a DVD or via a book support website, but i assume were printed to pad the book (which is very short considering the breadth of the topic area and the number of solution discussed - ~220 pages). An obvious missing component to the book was a DVD or glossary of the websites for free tools that could be used. Much of the information in the book could be found within minutes via google. I was surprised to find no mention of Open VZ which is the basis of Parallels Virtuozzo Containers.

There is no real practical or actionable information that specifically helps you with the forensic analysis of virtual environments. The book is full of questions and no answers - not worth the paper.
3 Comments Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
10 of 11 people found the following review helpful By Richard Bejtlich on July 26, 2010
Format: Paperback
"Virtualization and Forensics" (VAF) offers "a digital forensic investigator's guide to virtual environments" as its subtitle. Eric Cole's introduction says "How do we analyze the [virtual] systems forensically since standard methods no longer work? Let me introduce a key piece of research and literature, VAF." I disagree with Eric's claim: I did not find VAF to be a compelling resource for forensic investigators of virtual environments. If an author writes a book on virtual forensics, I would expert more advice on how to accomplish the task, and less description of virtual environments. Unfortunately, VAF spends most of its time talking about virtual systems and not enough time helping investigators analyze them.

The bulk of VAF either 1) describes virtual systems in generic terms or 2) discusses other people's research regarding virtual environments. One of the few original sections appears in chapter 5, where the authors list artifacts from installation of virtualization software on Windows computers. Besides that chapter, the authors don't directly show how to do much of anything in the way of investigation. For example, on pp 123-4, why don't the authors demonstrate how to acquire memory from a system running ESXi, instead of providing a few sentences? I got the impression that the authors conducted some thought experiments regarding investigating virtual environments, but didn't really have experience in production.

On the quality side, I found some of the screen captures to be way too small. In other cases, I wondered what I was supposed to learn from them. Elsewhere, I wondered about the logic of taking screen captures of netstat output. Why not redirect the output to a file and print that in the text, and better yet, explain what it is supposed to mean?
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
3 of 4 people found the following review helpful By Christopher Powell TOP 500 REVIEWERVINE VOICE on January 16, 2011
Format: Paperback Vine Customer Review of Free Product ( What's this? )
I'm a VCP (VMware certified professional) and a Microsoft Engineer (MCSE/MCITP) and was looking for a more in depth approach to forensics as it is approached. While the book was nicely laid out for instruction on the basics of virtualization and the structures and impacts of design, it offered little in practical execution of forensics in these environments. As another reviewer stated, its more of a primer to get a forensics investigator to ask questions, while providing very little in the directions for answers.

I would recommend this book to information security folks who have not yet ventured into the virutal environments sector as very informational on entering the topic. The screen shots are newbie friendly to help add context to those who are not experienced with these environments. For those of use who have worked such environments for years, they are filler and provide little value.

For anyone looking to enhance their forensic toolkits, you will have to look elsewhere, this is an introduction.
1 Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
Format: Paperback Vine Customer Review of Free Product ( What's this? )
This is a lightweight primer on forensic examination of virtual environments. At best, it provides the examiner with a general understanding of virtual environments, including some specific environments. He book progresses in logical order beginning with a discussion of "How Virtualization Happens" and moving on to "Server Virtualization", "Desktop Virtualization" and finally "Portable Virtualization, Emulators and Appliances" Each of these chapters runs about 25 pages so don't expect to glean more than a very elementary understanding of each of these concepts. There are both references and bibliographies at the end of each chapter. Overall, I think the treatment is helpful as an introduction, but superficial.

The remaining seven chapters are a bit of a hodge-podge that left me with the impression that the authors aren't overly experienced with the subject matter, but more or less have done research on the subjects and written a report. They gloss over forensic examinations of live and dead virtual environments, detecting rogue virtual machines, compliance, "virtualization challenges" and on to cloud computing. No real depth here, but the information is helpful if you don't know much about virtual environments.

A small matter, but one that leads me to question the qualifications of Diane Barrett, one of the authors, appears on page 113 in a discussion of "The Fundamentals of Investigating Live Virtual Environments". Barrett recounts her testimony "in a civil case where the defendant was accused of the theft of proprietary information". She goes on to explain that "[i]n an attempt to absolve the accused of the crime" and then excerpts her testimony.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews

Set up an Amazon Giveaway

Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more
Virtualization and Forensics: A Digital Forensic Investigator's Guide to Virtual Environments
This item: Virtualization and Forensics: A Digital Forensic Investigator's Guide to Virtual Environments
Price: $39.48
Ships from and sold by Amazon.com