Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.

  • Apple
  • Android
  • Windows Phone
  • Android

Pour obtenir l'appli gratuite, saisissez votre numéro de téléphone mobile.

Prix Kindle : EUR 34,70

Économisez
EUR 45,64 (57%)

TVA incluse

Ces promotions seront appliquées à cet article :

Certaines promotions sont cumulables avec d'autres offres promotionnelles, d'autres non. Pour en savoir plus, veuillez vous référer aux conditions générales de ces promotions.

Envoyer sur votre Kindle ou un autre appareil

Envoyer sur votre Kindle ou un autre appareil

File System Forensic Analysis par [Carrier, Brian]
Publicité sur l'appli Kindle

File System Forensic Analysis 1 , Format Kindle

5.0 étoiles sur 5 1 commentaire client

Voir les 3 formats et éditions Masquer les autres formats et éditions
Prix Amazon
Neuf à partir de Occasion à partir de
Format Kindle
"Veuillez réessayer"
Format Kindle, 17 mars 2005
EUR 34,70

Longueur : 600 pages Composition améliorée: Activé Page Flip: Activé
Langue : Anglais

Description du produit

Présentation de l'éditeur

The Definitive Guide to File System Analysis: Key Concepts and Hands-on Techniques

 

Most digital evidence is stored within the computer's file system, but understanding how file systems work is one of the most technically challenging concepts for a digital investigator because there exists little documentation. Now, security expert Brian Carrier has written the definitive reference for everyone who wants to understand and be able to testify about how file system analysis is performed.

 

Carrier begins with an overview of investigation and computer foundations and then gives an authoritative, comprehensive, and illustrated overview of contemporary volume and file systems: Crucial information for discovering hidden evidence, recovering deleted data, and validating your tools. Along the way, he describes data structures, analyzes example disk images, provides advanced investigation scenarios, and uses today's most valuable open source file system analysis tools—including tools he personally developed. Coverage includes

  • Preserving the digital crime scene and duplicating hard disks for "dead analysis"
  • Identifying hidden data on a disk's Host Protected Area (HPA)
  • Reading source data: Direct versus BIOS access, dead versus live acquisition, error handling, and more
  • Analyzing DOS, Apple, and GPT partitions; BSD disk labels; and Sun Volume Table of Contents using key concepts, data structures, and specific techniques
  • Analyzing the contents of multiple disk volumes, such as RAID and disk spanning
  • Analyzing FAT, NTFS, Ext2, Ext3, UFS1, and UFS2 file systems using key concepts, data structures, and specific techniques
  • Finding evidence: File metadata, recovery of deleted files, data hiding locations, and more
  • Using The Sleuth Kit (TSK), Autopsy Forensic Browser, and related open source tools

When it comes to file system analysis, no other book offers this much detail or expertise. Whether you're a digital forensics specialist, incident response team member, law enforcement officer, corporate security specialist, or auditor, this book will become an indispensable resource for forensic investigations, no matter what analysis tools you use.

Quatrième de couverture

The Definitive Guide to File System Analysis: Key Concepts and Hands-on Techniques

Most digital evidence is stored within the computer's file system, but understanding how file systems work is one of the most technically challenging concepts for a digital investigator because there exists little documentation. Now, security expert Brian Carrier has written the definitive reference for everyone who wants to understand and be able to testify about how file system analysis is performed.

Carrier begins with an overview of investigation and computer foundations and then gives an authoritative, comprehensive, and illustrated overview of contemporary volume and file systems: Crucial information for discovering hidden evidence, recovering deleted data, and validating your tools. Along the way, he describes data structures, analyzes example disk images, provides advanced investigation scenarios, and uses today's most valuable open source file system analysis tools―including tools he personally developed. Coverage includes

  • Preserving the digital crime scene and duplicating hard disks for "dead analysis"

  • Identifying hidden data on a disk's Host Protected Area (HPA)

  • Reading source data: Direct versus BIOS access, dead versus live acquisition, error handling, and more

  • Analyzing DOS, Apple, and GPT partitions; BSD disk labels; and Sun Volume Table of Contents using key concepts, data structures, and specific techniques

  • Analyzing the contents of multiple disk volumes, such as RAID and disk spanning

  • Analyzing FAT, NTFS, Ext2, Ext3, UFS1, and UFS2 file systems using key concepts, data structures, and specific techniques

  • Finding evidence: File metadata, recovery of deleted files, data hiding locations, and more

  • Using The Sleuth Kit (TSK), Autopsy Forensic Browser, and related open source tools

When it comes to file system analysis, no other book offers this much detail or expertise. Whether you're a digital forensics specialist, incident response team member, law enforcement officer, corporate security specialist, or auditor, this book will become an indispensable resource for forensic investigations, no matter what analysis tools you use.

Brian Carrier has authored several leading computer forensic tools, including The Sleuth Kit (formerly The @stake Sleuth Kit) and the Autopsy Forensic Browser. He has authored several peer-reviewed conference and journal papers and has created publicly available testing images for forensic tools. Currently pursuing a Ph.D. in Computer Science and Digital Forensics at Purdue University, he is also a research assistant at the Center for Education and Research in Information Assurance and Security (CERIAS) there. He formerly served as a research scientist at @stake and as the lead for the @stake Response Team and Digital Forensic Labs. Carrier has taught forensics, incident response, and file systems at SANS, FIRST, the @stake Academy, and SEARCH.

Brian Carrier's http://www.digital-evidence.org contains book updates and up-to-date URLs from the book's references.


© Copyright Pearson Education. All rights reserved.


Détails sur le produit

  • Format : Format Kindle
  • Taille du fichier : 17839 KB
  • Nombre de pages de l'édition imprimée : 600 pages
  • Utilisation simultanée de l'appareil : Jusqu'à 5 appareils simultanés, selon les limites de l'éditeur
  • Editeur : Addison-Wesley Professional; Édition : 1 (17 mars 2005)
  • Vendu par : Amazon Media EU S.à r.l.
  • Langue : Anglais
  • ASIN: B000OZ0N9O
  • Synthèse vocale : Activée
  • X-Ray :
  • Word Wise: Non activé
  • Lecteur d’écran : Pris en charge
  • Composition améliorée: Activé
  • Moyenne des commentaires client : 5.0 étoiles sur 5 1 commentaire client
  • Classement des meilleures ventes d'Amazon: n°418.698 dans la Boutique Kindle (Voir le Top 100 dans la Boutique Kindle)
  • Voulez-vous nous parler de prix plus bas?

click to open popover

Commentaires en ligne

5.0 étoiles sur 5
5 étoiles
1
4 étoiles
0
3 étoiles
0
2 étoiles
0
1 étoile
0
Voir le commentaire client
Partagez votre opinion avec les autres clients

Meilleurs commentaires des clients

Format: Format Kindle Achat vérifié
J'ai utilise ce livre pour comprendre des systemes de fichiers corrompu. La lisibilite permet de suivre a l'editeur hexa la logique decrite dans les pages. La richesse de la reference permet souvent de se passer de la spec d'origine
Remarque sur ce commentaire Avez-vous trouvé ce commentaire utile ? Oui Non Commentaire en cours d'envoi...
Merci pour votre commentaire.
Désolé, nous n'avons pas réussi à enregistrer votre vote. Veuillez réessayer
Signaler un abus

Commentaires client les plus utiles sur Amazon.com (beta) (Peut contenir des commentaires issus du programme Early Reviewer Rewards)

Amazon.com: 4.6 étoiles sur 5 62 commentaires
1 internautes sur 1 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 Essential 17 janvier 2016
Par Aaron - Publié sur Amazon.com
Format: Broché Achat vérifié
I've not completed reading this book yet but let me tell you this is absolutely the book that needed to be written on this subject. I've taken lots of courses in forensics and this re-established the knowledge from those courses. I can confirm the validity of the information provided from the courses I've taken and it's served as a good mix of new material and refresher material. Granted, I have a few hundred pages to go but the way this is going I can't recommend it enough. This is basically The Bible of file systems. It's a book you should read once simply to have the exposure to the knowledge he provides. No regrets with this purchase. Wholeheartedly recommending this to anyone who wants to go above and beyond in this field.
1 internautes sur 1 ont trouvé ce commentaire utile 
3.0 étoiles sur 5 Not an easy read but good resource 28 mai 2016
Par M. Bradley - Publié sur Amazon.com
Format: Broché Achat vérifié
My understanding is that this book is going to be updated and if so, would be welcome. I read a ton of reviews that praised this book and while I'm sure they are correct, it's not light reading. I also felt that some topics weren't covered too well for someone that isn't a novice but isn't an expert either. It's written very matter-of-factly, so I felt like if you are strong at this topic or have a good solid foundation, you'll be good. If you are a newer person or looking to have a clearer understanding, I feel that this let me down a bit.
1 internautes sur 1 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 It's a little out dated (2006) but all the basics ... 24 avril 2017
Par Buck - Publié sur Amazon.com
Format: Broché Achat vérifié
It's a little out dated (2006) but all the basics are there. Microsoft has rewritten some of the rules recently and you have to read up on those but this will give you a start. That is why I bought it!
5 internautes sur 5 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 This is what I keep at my right hand during any forensic analysis. 3 février 2013
Par Nicholas Redman Marshall - Publié sur Amazon.com
Format: Broché Achat vérifié
This book is the beginning and ending point for anyone who needs to know how to forensically examine a computers hard drive. Understanding the file system layouts and forensic procedures described in this book is necessary to truly testify as an expert, otherwise you are just trusting that what ever tool you use is going to work. Carrier does a very good job of laying out all of the steps necessary to create a forensically sound disk image as well as going into all of the details of how the most commonly used file systems are structured and how to examine them at the lowest levels using a simple hex editor. While this book alone will not make you a forensic expert, it provides all of the information necessary to perform a forensic examination of the most common file systems and the procedure it lays out on how to perform the examination can be used on any file system.
2 internautes sur 2 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 A must-have for digital forensics. 14 juillet 2014
Par Danny McCaslin Jr. - Publié sur Amazon.com
Format: Broché Achat vérifié
This isn't beach reading by any stretch of the imagination. I used the book as a read-along for some online seminars I was doing in digital forensics, and it helped me to understand the concepts better. Brian Carrier is also the author of the Sleuth Kit forensics package. It's a must have if you're doing any kind of digital forensics or data recovery work.
Ces commentaires ont-ils été utiles ? Dites-le-nous