Your in-depth guide to detecting network breaches, uncovering evidence, and preventing future attacks
Whether it’s from malicious code sent through an e-mail or an unauthorized user accessing company files, your network is vulnerable to attack. Your response to such incidents is critical. With this comprehensive guide, Douglas Schweitzer arms you with the tools to reveal a security breach, gather evidence to report the crime, and conduct audits to prevent future attacks. He also provides you with a firm understanding of the methodologies for incident response and computer forensics, Federal Computer Crime law information and evidence requirements, legal issues, and how to work with law enforcement.
You’ll learn how to:
- Recognize the telltale signs of an incident and take specific response measures
- Search for evidence by preparing operating systems, identifying network devices, and collecting data from memory
- Analyze and detect when malicious code enters the system and quickly locate hidden files
- Perform keyword searches, review browser history, and examine Web caches to retrieve and analyze clues
- Create a forensics toolkit to prop-erly collect and preserve evidence
- Contain an incident by severing network and Internet connections, and then eradicate any vulnerabilities you uncover
- Anticipate future attacks and monitor your system accordingly
- Prevent espionage, insider attacks, and inappropriate use of the network
- Develop policies and procedures to carefully audit the system
CD-ROM includes:
- Helpful tools to capture and protect forensic data; search volumes, drives, and servers for evidence; and rebuild systems quickly after evidence has been obtained
- Valuable checklists developed by the author for all aspects of incident response and handling
About the Author
DOUGLAS SCHWEITZER is an Internet security specialist and authority on malicious code and computer forensics. He is a Cisco Certified Network Associate and Certified Internet Webmaster Associate, and holds A+, Network+, and i-Net+ certifications. Schweitzer is also the author of Internet Security Made Easy and Securing the Network from Malicious Code.