Freshly Printed - allow 10 days lead
Couldn't load pickup availability
Executing Windows Command Line Investigations
While Ensuring Evidentiary Integrity
The only book that covers Windows Command Line Interface for forensic and incident response evidentiary triage.
Chet Hosmer (Author), Joshua Bartolomie (Author), Rosanne Pelli (Author)
9780128092682, Elsevier Science
Paperback, published 14 June 2016
228 pages
23.5 x 19 x 1.6 cm, 0.5 kg
"Executing Windows Command Line Investigations is a leading edge book that targets digital forensics investigations and incident response. The book clearly lays out the technical details of the Windows CLI so you can directly manage every aspect of cyber evidence acquisition and triage, while maintaining data evidence integrity and chain of custody. This is a must read for cyber security practitioners and students!" --Joe Giordano, Utica College "This book is an excellent reference for all levels of incident responders and covers essential techniques for responding to modern cyber security threats." --Mark Bilanski, Incident Response Manager
The book Executing Windows Command Line Investigations targets the needs of cyber security practitioners who focus on digital forensics and incident response. These are the individuals who are ultimately responsible for executing critical tasks such as incident response; forensic analysis and triage; damage assessments; espionage or other criminal investigations; malware analysis; and responding to human resource violations. The authors lead readers through the importance of Windows CLI, as well as optimal configuration and usage. Readers will then learn the importance of maintaining evidentiary integrity, evidence volatility, and gain appropriate insight into methodologies that limit the potential of inadvertently destroying or otherwise altering evidence. Next, readers will be given an overview on how to use the proprietary software that accompanies the book as a download from the companion website. This software, called Proactive Incident Response Command Shell (PIRCS), developed by Harris Corporation provides an interface similar to that of a Windows CLI that automates evidentiary chain of custody and reduces human error and documentation gaps during incident response.
The Impact of Windows CLI Importance of Digital Evidence Integrity Windows CLI Configuration Operating the Proactive Incident Response Command Shell (PIRCS) Use Cases Future Use 3rd Party Windows CLI Tools
Subject Areas: Computer security [UR], Operating systems [UL], Management of specific areas [KJMV]
