Virtualization and Forensics
A Digital Forensic Investigator’s Guide to Virtual Environments
- 1st Edition - May 18, 2010
- Authors: Greg Kipper, Diane Barrett
- Language: English
- Paperback ISBN: 978-1-59749-557-8
- eBook ISBN: 978-1-59749-558-5
Virtualization and Forensics: A Digital Forensic Investigator’s Guide to Virtual Environments offers an in-depth view into the world of virtualized environments and the implications they have on forensic investigations. Named a 2011 Best Digital Forensics Book by InfoSec Reviews, this guide gives you the end-to-end knowledge needed to identify server, desktop, and portable virtual environments, including: VMware, Parallels, Microsoft, and Sun. It covers technological advances in virtualization tools, methods, and issues in digital forensic investigations, and explores trends and emerging technologies surrounding virtualization technology.
This book consists of three parts. Part I explains the process of virtualization and the different types of virtualized environments. Part II details how virtualization interacts with the basic forensic process, describing the methods used to find virtualization artifacts in dead and live environments as well as identifying the virtual activities that affect the examination process. Part III addresses advanced virtualization issues, such as the challenges of virtualized environments, cloud computing, and the future of virtualization.
This book will be a valuable resource for forensic investigators (corporate and law enforcement) and incident response professionals.
- Named a 2011 Best Digital Forensics Book by InfoSec Reviews
- Gives you the end-to-end knowledge needed to identify server, desktop, and portable virtual environments, including: VMware, Parallels, Microsoft, and Sun
- Covers technological advances in virtualization tools, methods, and issues in digital forensic investigations
- Explores trends and emerging technologies surrounding virtualization technology
Forensic Investigators (corporate and law enforcement) and Incident Response Professionals.
Acknowledgments
Introduction
About the Authors
Part 1 Virtualization
Chapter 1 How Virtualization Happens
Physical Machines
How Virtualization Works
Hypervisors
Main Categories of Virtualization
Benefits of Virtualization
Cost of Virtualization
Summary
References
Bibliography
Chapter 2 Server Virtualization
What Is Server Virtualization?
Differences between Desktop and Server Virtualization
Common Virtual Servers
Summary
References
Bibliography
Chapter 3 Desktop Virtualization
What Is Desktop Virtualization?
Common Virtual Desktops
Virtual Appliances and Forensics
Virtual Desktops as a Forensic Platform
Summary
Bibliography
Chapter 4 Portable Virtualization, Emulators, and Appliances
MojoPac
MokaFive
Preconfigured Virtual Environments
Virtual Appliance Providers
JumpBox Virtual Appliances
VirtualBox
Virtualization Hardware Devices
Virtual Privacy Machine
Virtual Emulators
Future Development
Summary
References
Bibliography
Part 2 Forensics
Chapter 5 Investigating Dead Virtual Environments
Install Files
Remnants
Registry
Microsoft Disk Image Formats
Data to Look for
Investigator Tips
Summary
References
Bibliography
Chapter 6 Investigating Live Virtual Environments
The Fundamentals of Investigating Live Virtual Environments
Artifacts
Processes and Ports
Log Files
VM Memory Usage
Memory Analysis
ESXi Analysis
Microsoft Analysis Tools
Moving Forward
Summary
References
Bibliography
Chapter 7 Finding and Imaging Virtual Environments
Detecting Rogue Virtual Machines
Is It Real or Is It Memorex?
Imaging Virtual Machines
Snapshots
VMotion
Identification and Conversion Tools
Environment to Environment Conversion
Summary
References
Bibliography
Part 3 Advanced Virtualization
Chapter 8 Virtual Environments and Compliance
Standards
Compliance
Organizational Chain of Custody
Data Retention Policies
Summary
References
Bibliography
Chapter 9 Virtualization Challenges
Data Centers
Security Considerations
Malware and Virtualization
Red Pill, Blue Pill, No Pill
Additional Challenges
Virtualization Drawbacks
Summary
References
Bibliography
Chapter 10 Cloud Computing and the Forensic Challenges
What Is Cloud Computing?
Cloud Computing Services
Streaming Operating Systems
Application Streaming
Virtual Applications
Cloud Computing, Virtualization, and Security
Cloud Computing and Forensics
Summary
Bibliography
Chapter 11 Visions of the Future: Virtualization and Cloud Computing
Future of Virtualization
The Evolving Cloud
Autonomic Computing
Summary
Bibliography
Appendix: Performing Physical-to-Virtual and Virtual-to-Virtual Migrations
Glossary
Index
- No. of pages: 272
- Edition: 1
- Published: May 18, 2010
- Imprint: Syngress
- Paperback ISBN: 9781597495578
- eBook ISBN: 9781597495585
Greg Kipper