
Table Of Contents

1.1 Authority
1.2 Purpose and Scope
1.3 Audience
1.4 Document Structure
2.1 The Need for Data Analysis
2.2 Staffing
2.3 Interactions with Other Teams
2.4.1 Defining Roles and Responsibilities
2.4.2 Providing Guidance for Data Analysis Tool Use
2.4.3 Supporting Data Analysis in the Information System Life Cycle
2.5 Procedures
2.6 Recommendations
3.1.1 Possible Sources of Data
3.1.2 Collecting the Data
3.1.3 Incident Response Considerations
3.2 Examination
3.3 Utilization
3.4 Review
3.5 Recommendations
4.1.1 File Storage Media
4.1.2 Filesystems
4.1.3 Other Data on Media
4.2.1 Copying Files from Media
4.2.2 Data File Integrity
4.2.3 File Modification, Access, and Creation Times
4.2.4 Technical Issues
4.3.1 Locating the Files
4.3.2 Accessing the Data
4.3.3 Analyzing the Data
4.4 Recommendations
5.1.1 Non-Volatile Data
5.1.2 Volatile Data
5.2.1 Acquiring Volatile OS Data
5.2.2 Acquiring Non-Volatile OS Data
5.2.3 Technical Issues with Acquiring Data
5.3 Examining OS Data
5.4 Recommendations
6.1.2 Transport Layer
6.1.3 IP Layer
6.1.4 Hardware Layer
6.1.5 Layers’ Significance in Network Data Analysis
6.2.1 Firewalls and Routers
6.2.2 Packet Sniffers and Protocol Analyzers
6.2.3 Intrusion Detection Systems
6.2.4 Remote Access
6.2.5 Security Event Management Software
6.2.6 Network Forensic Analysis Tools
6.2.7 Other Sources
6.3.1 Legal Considerations
6.3.2 Technical Issues
6.4.1 Identify an Event of Interest Data Source Value
6.4.4 Attacker Identification
6.5 Recommendations
7.1.1 Configuration Settings
7.1.2 Authentication
7.1.3 Logs
7.1.4 Data
7.1.5 Supporting Files
7.1.6 Application Architecture
7.2.1 E-mail
7.2.2 Web Usage
7.2.3 Interactive Communications
7.2.4 File Sharing
7.2.5 Document Usage
7.2.6 Security Applications
7.2.7 Data Concealment Tools
7.3 Acquiring Application Data
7.4 Examining Application Data
7.5 Recommendations
8.1 Suspected Network Service Worm Infection
8.2 Threatening E-mail
8.3 Recommendations
Guide To Computer And Network Data Analysis Applying Forensic Techniques To Incident Response


Published by: catalinolopez on Mar 01, 2011
Copyright: Attribution Non-commercial

