Windows Forensics and Incident Recovery by Harlan Carvey

Windows Forensics and Incident Recovery by Harlan Carvey

Regular price
Checking stock...
Regular price
Checking stock...
Summary

Provides a 'command-line centric' view of Microsoft and non-Microsoft tools that can be very helpful to folks responsible for security and system administration on the Windows platform. This book focuses on forensics and incident recovery in a Windows environment. It teaches through case studies and real world-examples.

The feel-good place to buy books
  • Free US shipping over $15
  • Buying preloved emits 41% less CO2 than new
  • Millions of affordable books
  • Give your books a new home - sell them back to us!

Windows Forensics and Incident Recovery by Harlan Carvey

Provides a 'command-line centric' view of Microsoft and non-Microsoft tools that can be very helpful to folks responsible for security and system administration on the Windows platform. This book focuses on forensics and incident recovery in a Windows environment. It teaches through case studies and real world-examples.

Harlan Carvey¿s interest in computer and information security began while he was an officer in the U.S. military, during which time he earned his master¿s degree in Electrical Engineering. After leaving military service, he began working in the field of commercial and government information security consulting, performing vulnerability assessments and penetration tests. While employed at one company, he was the sole developer of a program for collecting security-specific information (i.e., Registry entries, file information, configuration settings, etc.) from Windows NT systems during vulnerability assessments. The purpose of the product was to overcome shortfalls in commercial scanning products and provide more valuable information to the customer. Harlan has also done considerable work in the area of incident response and forensics, performing internal and external investigations. He has also written a number of proof-of- concept tools for educating users in such topics as Windows null sessions, file signature analysis, and the retrieval of metadata from a variety of files.

Harlan¿s experience with computers began in the early ¿80s, with a Timex-Sinclair 1000. Around that time, he was learning to program BASIC on an Apple IIe. From there, he moved on to computers such as the Epson QX-10 and the TRS-80, on which he programmed BASIC learned PASCAL, using the TurboPASCAL compiler. Since then, he¿s worked with SunOS and Solaris systems, as well as various versions of DOS and Windows, OS/2, and Linux.

Harlan has presented at Usenix, DefCon9, Black Hat, GMU2003 on various topics specific to issues on Windows platforms, such as data hiding. He has had articles published in the Information Security Bulletin and on the SecurityFocus web site.

SKU Unavailable
ISBN 13 9780321200983
ISBN 10 0321200985
Title Windows Forensics and Incident Recovery
Author Harlan Carvey
Condition Unavailable
Binding Type Multiple-component retail product
Publisher Pearson Education (US)
Year published 2004-08-05
Number of pages 480
Cover note Book picture is for illustrative purposes only, actual binding, cover or edition may vary.