Network intrusion analysis: methodologies, tools, and techniques for incident analysis and response

Search by :

ALL Author Subject ISBN/ISSN Advanced Search

Last search:

Image of Network intrusion analysis: methodologies, tools, and techniques for incident analysis and response

Text

Network intrusion analysis: methodologies, tools, and techniques for incident analysis and response

Fichera, Joe - Personal Name; Bolt, Steven - Personal Name;

Table of Contents

Chapter 1. Introduction
Introducing Network Intrusion Analysis

Chapter 2. Intrusion Methodologies and Artifacts
Stage 1: Pre-Intrusion Actions: AKA Reconnaissance
Stage 2: Intrusion Methods
References

Chapter 3. Incident Response
Introduction
Section 1: Methodology
Trusted Toolset
Commercial Triage Tools
Section 2 Memory Acquisition
Introduction
Acquisition
Mdd_1.3.exe
Usage
Win32dd
FTK Imager
Conclusion
References

Chapter 4. Volatile Data Analysis
Introduction
What is Volatile Data?
What is Non-Volatile Data?
Section 1: Collection Tools
Commercial Triage Tools
EnCase Portable, Guidance Software, Inc.
US-LATT, WetStone Technologies, Inc.
Section 2: Memory Analysis
RAM Analysis
References

Chapter 5. Network Analysis
Introduction
Methodology
Network Traffic
Snort
Packet Analysis Tools
Wireshark
Analyzing Data with Wireshark
Netwitness Investigator
Analyzing Data with Netwitness
Log Analysis
Witness Devices
Viewing, Acquiring, Triaging Devices over the Network
References

Chapter 6. Host Analysis
Introduction
Methodology
References

Chapter 7. Malware Analysis
Introduction
Malware Sandbox Creation
Behavioral Analysis Walkthrough
Step 2: Starting the Monitoring Applications
Reporting
Conclusion
References

Chapter 8. Reporting After Analysis
Introduction
Getting Started
The Report Header
Index

Availability

Perpustakaan Poltek SSN (Rak 000) 005.8 FIC n

b0001354

Available - Available

Detail Information

Series Title: --
Call Number: 005.8 FIC n
Publisher: Massachusetts : Syngress., 2013
Collation: xii, 239 hal.; ilus.; 23 cm
Language: English
ISBN/ISSN: 9781597499620
Classification: 005.8
Content Type: -
Media Type: -
Carrier Type: -
Edition: 1st edition
Subject(s): Computer security
Internet -- Security Measures
Computer crimes -- Investigation
Computer networks -- Security measures
Intrusion detection systems (Computer security)
Specific Detail Info: --
Statement of Responsibility: Joe Fichera and Steven Bolt

Other version/related

No other version available

File Attachment

No Data

Comments

You must be logged in to post a comment