Windows Forensic Analysis DVD Toolkit, 2E covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. The book is also accessible to system administrators, who are often on the front line when an incident occurs but, due to staffing and budget constraints, do not have the necessary knowledge to respond effectively. The book's companion DVD contains significant new and updated materials (movies, spreadsheet, code, etc.) not available anywhere else, because they are created and maintained by the author.
Chapter 1 Live Response: Collecting Volatile Data
Chapter 2 Live Response: Data Analysis
Chapter 3 Windows Memory Analysis
Chapter 4 Registry Analysis
Chapter 5 File Analysis
Chapter 6 Executable File Analysis
Chapter 7 Rootkits and Rootkit Detection
Chapter 8 Tying It All Together
Chapter 9 Performing Analysis on a Budget