Offers:
|
Reviews:
Average Customer Review: 
Summary: You must buy...
Date: 2007-01-17 - 
Comment: You must buy if you are beginner, intermedium or advanced in forensic computers.
Summary: Ok book but File System Forensic is better
Date: 2006-05-24 - 
Comment: I liked this book, but it is scattered in its topics. A lot of the information can be found online, and the tools aren't what we use on a daily basis. I'm not sure if any of them are commercial tools in this book.
I liked File System Forensics by Brian Carrier better. Even though it had a smaller area to cover it provided a better introduction to the area and I could see how it could be used in a class better. Still, this book does have a lot of good content and makes a nice addition.
6 of 7 people found the following review helpful:
Summary: Best incidence reponse book out
Date: 2005-03-03 -
Comment: This is no doubt the best incidence reponse book out. I highly recommend this for anyone either in the field, learning to get into the field, or running a small to medium sized company without a team of experts. My entire network admin team uses this as a reference at the side of their desk.
11 of 12 people found the following review helpful:
Summary: Excellent basic reference
Date: 2004-05-15 - 
Comment: I read the book in about three days and found it to be a good primer for one leaning towards computer forensics. While some of the technology and tools described in the book will undoubtedly change within the next few months, a lot of the basic principles will remain pertinent for a long time to come. I heartily recommend this book for anyone with more than just a casual interest in Computer Security.
14 of 16 people found the following review helpful:
Summary: The Very Best Computer Forensics Primer Out There (1/04)
Date: 2004-01-22 -
Comment: As an attorney and a formally-trained computer forensics examiner and instructor who has been tilling the fields of digital evidence for some time, I'm always on the prowl for the next great computer forensics tool or text that's going to help me find the next smoking gun...or at least be confident I haven't overlooked it. I've built a substantial library of books and articles on computer forensics, some very good and some a complete waste of money. But, this book is the best of the best.From its step-by-step detail of the forensic process to its copious and helpful illustrations and screen shots to its unvarnished discussion of the tools in the marketplace, the second edition of Incident Response and Computer Forensics is, for my money, the most valuable resource any computer forensic examiner could have on their shelf. Many of the techniques and shortcuts detailed are "trade secrets" in that I've never seen them described in print. Unlike other forensic guides that assume the reader owns a costly forensic software suite, this book fairly splits its emphasis between Linux tools, shareware and the best software packages. That means the reader can begin the learning process at once, without investing anything more than their time and interest. Another strength is that the book neither presupposes a too-high level of knowledge or experience nor dumbs down its content such that an expert wouldn't derive any value. There's something here for everyone who cares about computer forensics, from the neophyte to the grizzled veteran. When I paid $50.00 for this tome at a big box bookstore, I worried I was paying too much. Now, I'd think it cheap at twice the price. As another reviewer pointed out, it doesn't devote a chapter to the law, but that is not to say that legal considerations are ignored. To the contrary, I think the authors do an excellent job of giving a useful "heads-up" where needed and not moving out of their depth. I don't know these guys, but I'd sure like to shake their hands for a job well done! Thanks. Craig Ball is an attorney and certified computer forensic examiner based in Montgomery, Texas, who teaches and consults with attorneys and the courts on matters of computer forensics and electronic discovery.
|
Useful Links:
