After a computer intrusion has occurred, it often takes far longer to analyze what is happening than it took the perpetrator to commit the crime. It is therefore important that an organisation is prepared to respond to any incident that occurs. Preparing yourself or the organisation to respond to computer security incidents is not a usual daily task: it requires technical knowledge, communication and coordination among the personnel in charge of the incident response process to ensure that proper incident response is put in place and carried out correctly.
This book is written for everybody, including computer users who want to know more about acquiring and handling digital evidence. It is the “must have” book for network administrators, security personnel and executives. Basically, it is an introductory book on computer forensics and incident response. The book serves as both a guide and a tool for preparing you for when an incident occurs.
Some of the key points you will learn include:
- How to detect and analyze malicious code when it enters the system
- Detect signs that an incident is about to occur, and learn specific response measures
- Steps for searching for, identifying and collecting evidence from network devices and data from memory
- Prevent espionage, insider attacks and inappropriate use of the network
- Develop policies and procedures to carefully audit the system