Windows registry forensics : advanced digital forensic analysis of the Windows registry / [electronic resource]
by Carvey, Harlan A [author.].
Material type:
BookPublisher: Cambridge, MA : Syngress is an imprint of Elsevier, 2016.Edition: 2nd ed.Description: 1 online resource.ISBN: 9780128033357; 0128033355; 012803291X; 9780128032916.Subject(s): Microsoft Windows (Computer file) | Microsoft Windows (Computer file) | Operating systems (Computers) | Computer crimes -- Investigation -- Methodology | Computer networks -- Security measures | Computer security | Component software | SOCIAL SCIENCE -- Criminology | Component software | Computer networks -- Security measures | Computer security | Operating systems (Computers) | Electronic booksOnline resources: ScienceDirect Summary: Harlan Carvey brings readers an advanced book on Windows Registry. The first book of its kind EVER -- Windows Registry Forensics provides the background of the Registry to help develop an understanding of the binary structure of Registry hive files. Approaches to live response and analysis are included, and tools and techniques for postmortem analysis are discussed at length. Tools and techniques will be presented that take the analyst beyond the current use of viewers and into real analysis of data contained in the Registry. Named a 2011 Best Digital Forens.
No physical items for this record
Includes index.
Online resource; title from PDF title page (SpringerLink, viewed March 16, 2016).
Harlan Carvey brings readers an advanced book on Windows Registry. The first book of its kind EVER -- Windows Registry Forensics provides the background of the Registry to help develop an understanding of the binary structure of Registry hive files. Approaches to live response and analysis are included, and tools and techniques for postmortem analysis are discussed at length. Tools and techniques will be presented that take the analyst beyond the current use of viewers and into real analysis of data contained in the Registry. Named a 2011 Best Digital Forens.
There are no comments for this item.