Chad Steel, «Windows Forensics: The Field Guide for Corporate Computer Investigations»

The evidence is in—to solve Windows crime, you need Windows tools

An arcane pursuit a decade ago, forensic science today is a household term. And while the computer forensic analyst may not lead as exciting a life as TV's CSIs do, he or she relies just as heavily on scientific principles and just as surely solves crime.

Whether you are contemplating a career in this growing field or are already an analyst in a Unix/Linux environment, this book prepares you to combat computer crime in the Windows world. Here are the tools to help you recover sabotaged files, track down the source of threatening e-mails, investigate industrial espionage, and expose computer criminals.

Identify evidence of fraud, electronic theft, and employee Internet abuse
Investigate crime related to instant messaging, Lotus Notes®, and increasingly popular browsers such as Firefox®
Learn what it takes to become a computer forensics analyst
Take advantage of sample forms and layouts as well as case studies
Protect the integrity of evidence
Compile a forensic response toolkit
Assess and analyze damage from computer crime and process the crime scene
Develop a structure for effectively conducting investigations
Discover how to locate evidence in the Windows Registry