EnCase Computer Forensics -- The Official EnCE: EnCase Certified Examiner Study Guide

Ön Kapak
John Wiley & Sons, 14 Eyl 2012 - 752 sayfa
The official, Guidance Software-approved book on the newest EnCE exam!

The EnCE exam tests that computer forensic analysts and examiners have thoroughly mastered computer investigation methodologies, as well as the use of Guidance Software's EnCase Forensic 7. The only official Guidance-endorsed study guide on the topic, this book prepares you for the exam with extensive coverage of all exam topics, real-world scenarios, hands-on exercises, up-to-date legal information, and sample evidence files, flashcards, and more.

  • Guides readers through preparation for the newest EnCase Certified Examiner (EnCE) exam
  • Prepares candidates for both Phase 1 and Phase 2 of the exam, as well as for practical use of the certification
  • Covers identifying and searching hardware and files systems, handling evidence on the scene, and acquiring digital evidence using EnCase Forensic 7
  • Includes hands-on exercises, practice questions, and up-to-date legal information
  • Sample evidence files, Sybex Test Engine, electronic flashcards, and more

If you're preparing for the new EnCE exam, this is the study guide you need.

 

İçindekiler

Chapter
1
Chapter
7
1 Examining the Partition Table
23
File Systems
33
1 Viewing FAT Entries
55
Index
74
First Response
89
1 First Response to a Computer Incident
112
8
435
1 Performing a File Signature Analysis
445
Hash Analysis
449
Time Zones
475
Changing the Properties of a Shortcut
504
Send To Folder
518
Kinds of Information Available in Event Logs
549
1 Windows Artifacts Recovery
558

Chapter
119
8
127
Network Acquisitions
135
1 Previewing Your Own Hard Drive
162
LinEn Acquisitions
168
1 Understanding How EnCase Maintains Data Integrity
213
EnCase Environment
241
Creating a Case
249
Tree Pane Navigation
255
Table Pane Navigation
266
View Pane Navigation
284
Permissions View
291
1 Navigating EnCase
302
Summary
318
Binary Numbers
327
Bookmarking
376
1 Searching for Data and Bookmarking the Results
414
Chapter
571
1 Partition Recovery
587
Registry
595
EnScript and Filters
608
Email
614
2 Conducting Email Examinations
617
EnCase Decryption Suite
622
Virtual File System VFS
629
Appendix
653
Sybex Test Engine
682
241
692
33
694
266
698
595
703
275
706
Telif Hakkı

Diğer baskılar - Tümünü görüntüle

Sık kullanılan terimler ve kelime öbekleri

Yazar hakkında (2012)

Steve Bunting, EnCE, CCFT, has over 30 years of law enforcement and computer forensics experience. He is a Senior Forensic Consultant for Forward Discovery, a global forensics consulting organization. Previously he served as a captain with the University of Delaware Police Department, where he conducted examinations of computer systems for federal, state, and local law enforcement. He is also the coauthor of Mastering Windows Network Forensics and Investigation.

Kaynakça bilgileri