Windows Forensic Analysis DVD Toolkit, Second Edition by Harlan Carvey


    Windows Forensic Analysis DVD Toolkit, Second Edition by Harlan Carvey - Presentation Transcript

    1. Windows Forensic Analysis DVD Toolkit, Second Edition by Harlan Carvey Possession Of This Book Is Required For All Examiners "If your job requires investigating compromised Windows hosts, you must read Windows Forensic Analysis." - Richard Bejtlich, Coauthor of Real Digital Forensics and Amazon.com Top 500 Book Reviewer "The Registry Analysis chapter alone is worth the price of the book." - Troy Larson, Senior Forensic Investigator of Microsoft's IT Security Group
    2. "I also found that the entire book could have been written on just registry forensics. However, in order to create broad appeal, the registry section was probably shortened. You can tell Harlan has a lot more to tell." - Rob Lee, Instructor and Fellow at the SANS Technology Institute, coauthor of Know Your Enemy: Learning About Security Threats, 2E Windows Forensic Analysis DVD Toolkit, 2E replaces the first edition as the most comprehensive and thorough resource on incident response and forensic analysis of Windows systems available, providing information and resources not available anywhere else. This book covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. It also brings this material to the doorstep of system administrators, who are often the frontline troops when an incident occurs, but due to staffing and budgets do not have the necessary knowledge to respond effectively. The companion DVD contains significant new and updated materials (movies, spreadsheet, code, etc.) not available any place else, because they were created and maintained by the author. In the two years since the first edition was originally published, cybercrime has continued to increase, and the criminals committing the crimes have continued to become more sophisticated. Analysts and investigators need up-to-date information to stay one step ahead, whether they're examining a system for signs of an intrusion or a data breach. Also, state and federal legislation (e.g., CA-1386), as well as standards issued by regulatory bodies (e.g., PCI and HIPAA), are adding an entirely new dimension to what was once thought to be solely the domain of IT staff.
Incident responders and forensic analysts now have a whole new set of questions to answer, and the only way to answer them is to be armed with the latest and most up-to-date information and analysis techniques, all of which are covered in detail in this critical update of the best-selling resource. * Based on reviewer feedback, the most popular chapter of the book, "Registry Analysis," is thoroughly upgraded and expanded with a completely new set of unique tools developed and demonstrated by the author. * A brand-new chapter, "Forensic Analysis on a Budget," collects freely available tools that are essential for small labs, state (or below) law
    3. enforcement, and educational organizations that can't afford bloated and expensive application suites. * Completely new chapter "Tying It All Together" puts the otherwise isolated concepts in the book into context of incident response and addresses frequent questions posed in public lists and forums. * Once something a responder should do, developments in 2008 made Windows memory analysis a more sophisticated and important requirement that is given increased detail and focus in the new version of the chapter in this book. * New pedagogical elements - "Lessons from the Field," "Case Studies," and "War Stories" - present real-life experiences from the trenches by an expert in the trenches, making the material real and showing the why behind the how. * The companion DVD contains new, significant, and unique materials (movies, spreadsheet, code, etc.) not available any place else, because they were created by the author. Personal Review: Windows Forensic Analysis DVD Toolkit, Second Edition by Harlan Carvey In ancient times, when philosophers and scientists gathered to discuss and debate important topics, people would travel for weeks and months to arrive, just to hear the debates. To listen to the great minds of the time, to learn from them, and on occasion ask questions. In 2009 that trend continues though in a different fashion. In the case of Windows Forensic Analysis we are fortunate enough to have Harlan Carvey. He has a deep well of knowledge to pull from and he continues to pull buckets of information out of the well to keep us all well hydrated. I was honored to read this book, and it's my privilege to write a review. It's the least I could do. It's a text book, it's a field manual, it's reference material. This is Windows Forensic Analysis Second Edition and it's the best damn book on the planet for Windows Forensics. I thought I liked the first edition and then I read the second. It's been updated to be sure, but it's also been expanded.
There's current information contained in the over 400 pages of content. There are case studies, there are details you won't find elsewhere. Want to know how to dump memory and collect volatile data? It's in the book. Can't recall which tool has certain limitations or what the tool can do? It's in the book. Want to know how to analyze volatile data? It's in the book.
    4. Want to learn how the registry works? It's in the book. Want to know how to do Windows Forensic Analysis? Read this book. I've watched the forums and mailing lists since the first edition of the book was released two years ago. Time after time I read the questions being asked and went to the book. In an overwhelming majority of cases, the answer was there. To those of you that asked these questions, do yourself a favor. Go to the bookstore, or online store and buy the book, read it, highlight it, dog ear pages for reference. Make use of the knowledge that has been shared, your clients deserve it. In ancient times, people would travel for weeks or months to listen and learn from the greats... all you have to do is spend a little money and open the book.