Practical forensic imaging: securing digital evidence with linux tools, bruce nikkel

799 грн

Описание

Forensic image acquisition is an important part of postmortem incident
response and evidence collection. Digital forensic investigators acquire,
preserve, and manage digital evidence to support civil and criminal cases;
examine organizational policy violations; resolve disputes; and analyze cyber
attacks.

Practical Forensic Imaging

takes a detailed look at how to secure and manage digital evidence using
Linux-based command line tools. This essential guide walks you through the
entire forensic acquisition process and covers a wide range of practical
scenarios and situations related to the imaging of storage media.

You’ll learn how to:

–Perform forensic imaging of magnetic hard disks, SSDs and flash drives,
optical discs, magnetic tapes, and legacy technologies

–Protect attached evidence media from accidental modification

–Manage large forensic image files, storage capacity, image format conversion,
compression, splitting, duplication, secure transfer and storage, and secure
disposal

–Preserve and verify evidence integrity with cryptographic and piecewise
hashing, public key signatures, and RFC-3161 timestamping

–Work with newer drive and interface technologies like NVME, SATA Express,
4K-native sector drives, SSHDs, SAS, UASP/USB3x, and Thunderbolt

–Manage drive security such as ATA passwords; encrypted thumb drives; Opal
self-encrypting drives; OS-encrypted drives using BitLocker, FileVault, and
TrueCrypt; and others

–Acquire usable images from more complex or challenging situations such as
RAID systems, virtual machine images, and damaged media

With its unique focus on digital forensic acquisition and evidence
preservation,

Practical Forensic Imaging

is a valuable resource for experienced digital forensic investigators wanting
to advance their Linux skills and experienced Linux administrators wanting to
learn digital forensics. This is a must-have reference for every digital
forensics lab.

Також купити книгу Practical Forensic Imaging: Securing Digital Evidence with
Linux Tools, Bruce Nikkel Ви можете по посиланню

Состояние: Новое

Цвет: