Appendix appA. Building a Forensic Analysis Environment

After the previous chapters, we should now have realized how important incident response is for digital forensics processes and how necessary it is to deal with both of them accurately. In this appendix of the book, we will discuss the creation of a convenient work environment to conduct the digital forensics analysis, the digital forensics lab, at enterprise scale.

Before we start building our lab, let's answer the following questions:

What are the lab's purposes, and what kind of devices will we analyze (computers, mobiles, and so on)? This will help us determine the suitable tools for our lab.
How many cases can we expect to receive, and what is the expected expansion in our scope and lab? ...

Get Practical Windows Forensics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Practical Windows Forensics by Ayman Shaaban, Konstantin Sapronov

Appendix appA. Building a Forensic Analysis Environment

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly