Mastering Windows Network Forensics and Investigation (Mastering)

This comprehensive guide provides you with the training you need to arm yourself against phishing, bank fraud, unlawful hacking, and other computer crimes. Two seasoned law enforcement professionals discuss everything from recognizing high-tech criminal activity and collecting evidence to presenting it in a way that judges and juries can understand. They cover the range of skills, standards, and step-by-step procedures you?ll need to conduct a criminal investigation in a Windows environment and make your evidence stand up in court.

User review
Good Purchase - Mastering Windows Forensics
This is a good book on some of the basics of windows forensics. The product came in when I was told it would. Overall I think this is a good all around book for learning more about computer forensics.

User review
Outstanding Book
I read this book to prepare for a computer forensics class. It is one of the best computer books I have read. It covers a lot of material that I wish was covered in my MCSA classes. This book really filled in a lot of holes in my knowledge. The authors make a point of emphasizing real-world skills and pitfalls to avoid. I highly recommend this book for all network admins and investigators.

User review
A Must
It is a tool you should have in your toolbox.
Everything you must know to be the expect.

Sincerely,

Ricardo Leanos
CPU-Tech-Solutions.com

P.S.
It lacks a few tools but you won't miss them.

User review
Good but could be better,,.
The book is about the daunting task to get evidence from computers suited with the Windows Operating System. This book is split in three parts. The first part is to get a basic understanding of how things work and what kind of vulnerabilities there are on a typical windows machine. Rootkits are touched lightly although there is some information to get a basic understanding of this complex and threatening technology there could be expected more.

The second part is about analysing a Windows Computer. Tools and techniques are discussed here and some explanation about the various filesystems. There could be less focus on the `EnCase` suite in my opinion.

The last, and in my opinion best part, is about about analysing logs, logparser and how to make your job much easier in gathering information and evidence from a windows machine. A great part with a wealth of useful tips and tricks. Even if you're not directly involved with forensics.

So the authors of this book discussed the basics of foresic investigation and security techniques and also the reasoning behind them. Overall they did a good job. They are not afraid to point out some other interesting booktitles to get even more knowledge about a specific topic. However there could be less focus on `EnCase` and more detailed information about certain topics such as rootkits.

Rob Faber CISSP, CEH, MCSE
Infrastructure architect / Sr. Security consultant
The Netherlands

User review
Windows Netowork Forensic
This book is well worth the price. Much information regarding network configuration and network logs examination, which is highly needed in performing investigations in todays complicated syndicate