Syngress print books and ebooks | Elsevier | Elsevier Shop

The Basics of Digital Forensics

1st Edition
February 24, 2012
John Sammons
English
Paperback
9 7 8 1 5 9 7 4 9 6 6 1 2
eBook
9 7 8 1 5 9 7 4 9 6 6 2 9

The Basics of Digital Forensics provides a foundation for people new to the field of digital forensics. This book teaches you how to conduct examinations by explaining what digital forensics is, the methodologies used, key technical concepts and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and Internet are discussed. Readers will also learn how to collect evidence, document the scene, and recover deleted data. This is the only resource your students need to get a jump-start into digital forensics investigations. This book is organized into 11 chapters. After an introduction to the basics of digital forensics, the book proceeds with a discussion of key technical concepts. Succeeding chapters cover labs and tools; collecting evidence; Windows system artifacts; anti-forensics; Internet and email; network forensics; and mobile device forensics. The book concludes by outlining challenges and concerns associated with digital forensics. PowerPoint lecture slides are also available. This book will be a valuable resource for entry-level digital forensics professionals as well as those in complimentary fields including law enforcement, legal, and general information security.

Windows Forensic Analysis Toolkit

3rd Edition
January 27, 2012
Harlan Carvey
English
eBook
9 7 8 1 5 9 7 4 9 7 2 8 2

Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7 provides an overview of live and postmortem response collection and analysis methodologies for Windows 7. It considers the core investigative and analysis concepts that are critical to the work of professionals within the digital forensic analysis community, as well as the need for immediate response once an incident has been identified. Organized into eight chapters, the book discusses Volume Shadow Copies (VSCs) in the context of digital forensics and explains how analysts can access the wealth of information available in VSCs without interacting with the live system or purchasing expensive solutions. It also describes files and data structures that are new to Windows 7 (or Vista), Windows Registry Forensics, how the presence of malware within an image acquired from a Windows system can be detected, the idea of timeline analysis as applied to digital forensic analysis, and concepts and techniques that are often associated with dynamic malware analysis. Also included are several tools written in the Perl scripting language, accompanied by Windows executables. This book will prove useful to digital forensic analysts, incident responders, law enforcement officers, students, researchers, system administrators, hobbyists, or anyone with an interest in digital forensic analysis of Windows 7 systems.

Low Tech Hacking

1st Edition
December 13, 2011
Terry Gudaitis + 4 more
English
Paperback
9 7 8 1 5 9 7 4 9 6 6 5 0
eBook
9 7 8 1 5 9 7 4 9 6 6 6 7

Low Tech Hacking teaches your students how to avoid and defend against some of the simplest and most common hacks. Criminals using hacking techniques can cost corporations, governments, and individuals millions of dollars each year. While the media focuses on the grand-scale attacks that have been planned for months and executed by teams and countries, there are thousands more that aren't broadcast. This book focuses on the everyday hacks that, while simple in nature, actually add up to the most significant losses. It provides detailed descriptions of potential threats and vulnerabilities, many of which the majority of the information systems world may be unaware. It contains insider knowledge of what could be your most likely low-tech threat, with timely advice from some of the top security minds in the world. Author Jack Wiles spent many years as an inside penetration testing team leader, proving that these threats and vulnerabilities exist and their countermeasures work. His contributing authors are among the best in the world in their respective areas of expertise. The book is organized into 8 chapters covering social engineering; locks and ways to low tech hack them; low tech wireless hacking; low tech targeting and surveillance; low tech hacking for the penetration tester; the law on low tech hacking; and information security awareness training as a countermeasure to employee risk. This book will be a valuable resource for penetration testers, internal auditors, information systems auditors, CIOs, CISOs, risk managers, fraud investigators, system administrators, private investigators, ethical hackers, black hat hackers, corporate attorneys, and members of local, state, and federal law enforcement.

Moving To The Cloud

1st Edition
November 16, 2011
Geetha Manjunath + 1 more
English
Paperback
9 7 8 1 5 9 7 4 9 7 2 5 1
eBook
9 7 8 1 5 9 7 4 9 7 2 6 8

Moving to the Cloud provides an in-depth introduction to cloud computing models, cloud platforms, application development paradigms, concepts and technologies. The authors particularly examine cloud platforms that are in use today. They also describe programming APIs and compare the technologies that underlie them. The basic foundations needed for developing both client-side and cloud-side applications covering compute/storage scaling, data parallelism, virtualization, MapReduce, RIA, SaaS and Mashups are covered. Approaches to address key challenges of a cloud infrastructure, such as scalability, availability, multi-tenancy, security and management are addressed. The book also lays out the key open issues and emerging cloud standards that will drive the continuing evolution of cloud computing.

Migrating to the Cloud

1st Edition
October 3, 2011
Tom Laszewski + 1 more
English
Paperback
9 7 8 1 5 9 7 4 9 6 4 7 6
eBook
9 7 8 1 5 9 7 4 9 6 4 8 3

Migrating to the Cloud: Oracle Client/Server Modernization is a reference guide for migrating client/server applications to the Oracle cloud. Organized into 14 chapters, the book offers tips on planning, determining effort and budget, designing the Oracle cloud infrastructure, implementing the migration, and moving the Oracle cloud environment into production. Aside from Oracle application and database cloud offerings, the book looks at various tools and technologies that can facilitate migration to the cloud. It includes useful code snippets and step-by-step instructions in database migration, along with four case studies that highlight service enablement of DOS-based applications, Sybase to Oracle, PowerBuilder to APEX, and Forms to Java EE. Finally, it considers current challenges and future trends in cloud computing and client/server migration. This book will be useful to IT professionals, such as developers, architects, database administrators, IT project managers, and executives, in developing migration strategies and best practices, as well as finding appropriate solutions.

Coding for Penetration Testers

1st Edition
September 23, 2011
Jason Andress + 1 more
English
Paperback
9 7 8 1 5 9 7 4 9 7 2 9 9
eBook
9 7 8 1 5 9 7 4 9 7 3 0 5

Coding for Penetration Testers discusses the use of various scripting languages in penetration testing. The book presents step-by-step instructions on how to build customized penetration testing tools using Perl, Ruby, Python, and other languages. It also provides a primer on scripting including, but not limited to, Web scripting, scanner scripting, and exploitation scripting. It guides the student through specific examples of custom tool development that can be incorporated into a tester's toolkit as well as real-world scenarios where such tools might be used. This book is divided into 10 chapters that explores topics such as command shell scripting; Python, Perl, and Ruby; Web scripting with PHP; manipulating Windows with PowerShell; scanner scripting; information gathering; exploitation scripting; and post-exploitation scripting. This book will appeal to penetration testers, information security practitioners, and network and system administrators.

Digital Forensics for Legal Professionals

1st Edition
September 2, 2011
Larry Daniel + 1 more
English
Paperback
9 7 8 1 5 9 7 4 9 6 4 3 8
eBook
9 7 8 1 5 9 7 4 9 6 4 4 5

Digital Forensics for Legal Professionals is a complete non-technical guide for legal professionals and students to understand digital forensics. In the authors’ years of experience in working with attorneys as digital forensics experts, common questions arise again and again: "What do I ask for?" "Is the evidence relevant?" "What does this item in the forensic report mean?" "What should I ask the other expert?" "What should I ask you?" "Can you explain that to a jury?" This book answers many of those questions in clear language that is understandable by non-technical people. With many illustrations and diagrams that will be usable in court, it explains technical concepts such as unallocated space, forensic copies, timeline artifacts and metadata in simple terms that make these concepts accessible to both attorneys and juries. The book also explains how to determine what evidence to ask for, evidence that might be discoverable, and furthermore, it provides an overview of the current state of digital forensics, the right way to select a qualified expert, what to expect from that expert, and how to properly use experts before and during trial. With this book, readers will clearly understand different types of digital evidence and examples of direct and cross examination questions. It includes a reference of definitions of digital forensic terms, relevant case law, and resources. This book will be a valuable resource for attorneys, judges, paralegals, and digital forensic professionals.

The Official CHFI Study Guide (Exam 312-49)

1st Edition
August 31, 2011
Dave Kleiman
English
Paperback
9 7 8 1 5 9 7 4 9 1 9 7 6
eBook
9 7 8 0 0 8 0 5 5 5 7 1 3

This is the official CHFI (Computer Hacking Forensics Investigator) study guide for professionals studying for the forensics exams and for professionals needing the skills to identify an intruder's footprints and properly gather the necessary evidence to prosecute. The EC-Council offers certification for ethical hacking and computer forensics. Their ethical hacker exam has become very popular as an industry gauge and we expect the forensics exam to follow suit. Material is presented in a logical learning sequence: a section builds upon previous sections and a chapter on previous chapters. All concepts, simple and complex, are defined and explained when they appear for the first time. This book includes: Exam objectives covered in a chapter are clearly explained in the beginning of the chapter, Notes and Alerts highlight crucial points, Exam’s Eye View emphasizes the important points from the exam’s perspective, Key Terms present definitions of key terms used in the chapter, Review Questions contains the questions modeled after real exam questions based on the material covered in the chapter. Answers to the questions are presented with explanations. Also included is a full practice exam modeled after the real exam.

Industrial Network Security

1st Edition
August 15, 2011
Eric D. Knapp + 1 more
English
Paperback
9 7 8 1 5 9 7 4 9 6 4 5 2
eBook
9 7 8 1 5 9 7 4 9 6 4 6 9

Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems covers implementation guidelines for security measures of critical infrastructure. The book describes an approach to ensure the security of industrial networks by taking into account the unique network, protocol, and application characteristics of an industrial control system, along with various compliance controls. It offers guidance on deployment and configuration, and it explains why, where, and how security controls should be implemented. It also discusses common pitfalls and mistakes and how to avoid them. After reading this book, students will understand and address the unique security concerns that face the world's most important networks. This book examines the unique protocols and applications that are the foundation of industrial control systems and provides comprehensive guidelines for their protection. Divided into 11 chapters, it explains the basics of Ethernet and Transmission Control Protocol/Internet Protocol (TCP/IP) networking communications and the SCADA and field bus protocols. It also explores industrial networks as they relate to "critical infrastructure" and cyber security; potential risks and consequences of a cyber attack against an industrial control system; compliance controls in relation to network security practices; industrial network protocols such as Modbus and DNP3; assessment of vulnerabilities and risk; how to secure enclaves; regulatory compliance standards applicable to industrial network security; and common pitfalls and mistakes, like complacency and deployment errors. This book is a valuable resource for plant operators and information security analysts, as well as compliance officers who want to pass an audit with minimal penalties and/or fines. It will also appeal to IT and security professionals working on networks and control systems operations.

The Basics of Hacking and Penetration Testing

1st Edition
July 21, 2011
Patrick Engebretson
English
eBook
9 7 8 1 5 9 7 4 9 6 5 6 8

The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. This book makes ethical hacking and penetration testing easy – no prior hacking experience is required. It shows how to properly utilize and interpret the results of the modern-day hacking tools required to complete a penetration test. With a simple and clean explanation of how to effectively utilize these tools – as well as the introduction to a four-step methodology for conducting a penetration test or hack – the book provides students with the know-how required to jump start their careers and gain a better understanding of offensive security. The book is organized into 7 chapters that cover hacking tools such as Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. Each chapter contains hands-on examples and exercises that are designed to teach learners how to interpret results and utilize those results in later phases. PowerPoint slides are available for use in class. This book is an ideal reference for security consultants, beginning InfoSec professionals, and students.

Life Sciences

Physical Sciences & Engineering

Social Sciences & Humanities

Health

Syngress