
Reddit mentions of Incident Response & Computer Forensics, Third Edition

Sentiment score: 2
Reddit mentions: 2

We found 2 Reddit mentions of Incident Response & Computer Forensics, Third Edition. Here are the top ones.

Incident Response & Computer Forensics, Third Edition
Specs:
Release date: August 2014

Found 2 comments on Incident Response & Computer Forensics, Third Edition:

u/Kalabaster · 6 points · r/AskNetsec

How has the holy trinity not been mentioned?

Incident Response & Computer Forensics, Third Edition

  • This one will hit a lot of the beats you're looking for, even though it's a bit old (up to Win7) but still has the majority of things you need to get in there. Learn this book at 50% retention and you'll be better than a good majority of the IR professionals currently billing hours.

Practical Malware Analysis

  • Less focused on attack to defense relationships but lays the groundwork for a better look into what and why certain things "be how they be"

Art of memory forensics

  • Rounds it all out a bit with some fresh volatility goodness

u/Kconnor00765 · 2 points · r/computerforensics

I'm LE and DFIR Examiner. What QuietForensics said is absolutely right. Your private sector gigs are mainly going to be Incident Response. For instance, JPMorgan Chase has been expanding their teams which are comprised of IR (e.g. Breaches) and Digital Forensics (in support of Internal Investigations/Insider Threat). If your experience is limited to Dead-Box Forensics, you will have a number of hurdles to overcome insofar as initial assessments for interviews. For instance, would you be able to tell what artifacts (on a Windows System) you would examine in order to collect evidence associated with an individual accessing a network shared drive and viewing files remotely (the files were never transferred and they were never opened; they were simply previewed)? What artifacts would you leverage?

These are the kind of rudimentary questions you would have to know. You will also have to be familiar with basic knowledge associated with Networking (e.g. Ports, Protocols, etc). If it's a position that deals strictly with Dead-Box Forensics, you have to be very comfortable with explaining artifacts and not just show that you know what I like to refer to as Nintendo-Level Forensics where one pushes a button and the solution images the device and spits out a report (e.g. Cellebrite). You really need to know your Registry Hives, ShellBags, etc.

My suggestion...start putting in for those positions, do a couple of interviews, and see where you are at insofar as to your level. There are a lot of skills that are transferable from the LE sector to private (e.g. Chain of Evidence, Case Filing, Court Testimony, Risk Management, etc). If you feel that you are short on the more technical skills, consider studying the domains of Sec+ and Incident Response & Computer Forensics - Third Edition.

Good luck.