Mac OS X, iPod, and iPhone Forensic Analysis DVD Toolkit (Anglais) Broché – 18 décembre 2008
|Neuf à partir de||Occasion à partir de|
Descriptions du produit
Biographie de l'auteur
Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.
Pour obtenir l'appli gratuite, saisissez votre adresse e-mail ou numéro de téléphone mobile.
Détails sur le produit
En savoir plus sur les auteursDécouvrez des livres, informez-vous sur les écrivains, lisez des blogs d'auteurs et bien plus encore.
Dans ce livre(En savoir plus)
Commentaires en ligne
Commentaires client les plus utiles sur Amazon.com (beta)
The book introduces the reader to the Mac OS X operating system and common Apple hardware (i.e. iPods, iPhones, iMacs, etc.) out there today. The intended audience is digital forensic investigators, security professionals, and law enforcement. If you've read a Syngress digital forensics book such as Harlan Carvey's Windows Forensic Analysis, Second Edition, you are familiar with how these books encourage a hands-on learning approach through exercises and the use of specific forensic tools. This book follows the same path and, like Carvey's book, offers a DVD filled with exercises, images, and tools for the DIY forensicator.
The authors provide an excellent overview of the Macintosh operating system and include topics such as disk partitioning and Apple Disk images (DMG). For example, chapter 4 is dedicated to the HFS+ file system used by Macintosh computers and drills down to disk level file system forensics. While Brian Carrier's File System Forensic Analysis book touches on Apple partitions, the Mac OS X iPod, and iPhone Forensic Analysis DVD Toolkit book dives even more deeply into the file system structure and nomenclature.
This book demystifies topics such as FileVault (Apple's answer to file encryption) and Time Machine. It includes content on decrypting FileVault and restoring files from a Time Machine backup. The authors draw on their extensive experience and research to provide best practices, tips, and tricks for preserving and forensically acquiring data from Mac file systems. The authors extensively cover email, Safari based internet artifacts, chat logs, photos, videos, documents, .plists, and other valuable forensic evidence that can be recovered from a Macintosh.
The authors provide an extensive tool set with the accompanying DVD that includes both proprietary and open source tools that can be used to acquire and analyze devices such as Apple computers, iPhone and iPods. The Appendix is full of How-To's that deal with such issues as Bootcamp and virtualization, setting up a Macintosh computer for forensic use, and capturing volatile data on a Mac when conducting digital forensic triage on-scene of an incident.
If you are a digital forensic practitioner and want to learn Macintosh forensics, I highly recommend this book. Now is the time to become familiar with Macintosh and iOS forensics. If you have not had to image or analyze a Macintosh yet, you will. This book makes a great addition to your computer forensic library and is a resource for conducting Macintosh forensic examinations. If the authors pursue a 2nd edition of the book, I'd like to see more information on iOS devices (Note: Late breaking...it appears there is a book in the works iOS Forensic Analysis: for iPhone, iPad and iPod Touch), iDisk ("data from the cloud"), plists, low-level disk forensics, and maybe a chapter on tying it all together for the investigator/examiner when responding to an incident.
So if you are debating whether or not to add this book to your computer forensic reading library, Chapter 4: HFS Plus File System and Chapter 7: Acquiring Forensic Images are invaluable for an investigator/examiner; from Catalog Files in the HFS Plus File System, to imaging an iPod from your forensically configured Macintosh. This book will be an immediate reference tool for me when I'm performing Macintosh digital forensics.
Rechercher des articles similaires par rubrique
- Livres anglais et étrangers > Computers & Internet > Hardware > Macs
- Livres anglais et étrangers > Computers & Internet > Hardware > PCs
- Livres anglais et étrangers > Computers & Internet > Operating Systems > MacOS
- Livres anglais et étrangers > Computers & Internet > Security & Encryption
- Livres anglais et étrangers > Science > Mathematics > Applied