The definitive guide to incident response--updated for the first time in a decade!
Thoroughly revised to cover the latest and most effective tools and techniques, Incident Response & Computer Forensics, Third Edition arms you with the information you need to get your organization out of trouble when data breaches occur. This practical resource covers the entire lifecycle of incident response, including preparation, data collection, data analysis, and remediation. Real-world case studies reveal the methods behind--and remediation strategies for--today's most insidious attacks.
- Architect an infrastructure that allows for methodical investigation and remediation
- Develop leads, identify indicators of compromise, and determine incident scope
- Collect and preserve live data
- Perform forensic duplication
- Analyze data from networks, enterprise services, and applications
- Investigate Windows and Mac OS X systems
- Perform malware triage
- Write detailed incident response reports
- Create and implement comprehensive remediation plans