»
Virtualization and Forensics
 
 

Virtualization and Forensics, 1st Edition

A Digital Forensic Investigator’s Guide to Virtual Environments

 
Virtualization and Forensics, 1st Edition,Diane Barrett,Greg Kipper,ISBN9781597495578
 
 
Up to
25%
off
 

  &      

Syngress

9781597495578

9781597495585

272

235 X 191

A digital forensic investigator’s guide to virtual environments.

Print Book + eBook

USD 73.74
USD 122.90

Buy both together and save 40%

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 47.21
USD 62.95

eBook
eBook Overview

VST format:

DRM Free included formats: EPub, Mobi, PDF

USD 44.96
USD 59.95
Add to Cart
 
 

Key Features

  • Named a 2011 Best Digital Forensics Book by InfoSec Reviews
  • Gives you the end-to-end knowledge needed to identify server, desktop, and portable virtual environments, including: VMware, Parallels, Microsoft, and Sun
  • Covers technological advances in virtualization tools, methods, and issues in digital forensic investigations
  • Explores trends and emerging technologies surrounding virtualization technology

Description

Virtualization and Forensics: A Digital Forensic Investigators Guide to Virtual Environments provides an introduction to virtualized environments and their implications on forensic investigations. It emphasizes the need for organizations using virtualization to be proactive rather than reactive. Being proactive means learning the methods in this book to train staff, so when an incident occurs, they can quickly perform the forensics and minimize the damage to their systems. The book is organized into three parts. Part I deals with the virtualization process and the different types of virtualized environments. It explains how virtualization happens along with the various methods of virtualization, hypervisors, and the main categories of virtualization. It discusses server virtualization, desktop virtualization, and the various portable virtualization programs, emulators, and appliances. Part II details how virtualization interacts with the basic forensic process. It describes the methods used to find virtualization artifacts in dead and live environments, and identifies the virtual activities that affect the examination process. Part III addresses advanced virtualization issues, such as the challenges of virtualized environments, cloud computing, and the future of virtualization.

Readership

Forensic Investigators (corporate and law enforcement) and Incident Response Professionals.

Diane Barrett

Diane Barrett has been a contract forensic examiner at ForenTech since Oct. 2006 and is Professor for Computer Forensics and Network Security programs at the University of Advancing Technology. Additionally, Diane is the Faculty Council Chair for the systems development group and teaches several short online classes for web-based learning sites such as HP and Forbes. CCNA, CISSP, ISSMP, IAM/IEM Certified Steganographer, CCE Certificate of completion.

Affiliations and Expertise

CCNA, CISSP, ISSMP, IAM/IEM Certified Steganographer, CCE Certificate of completion.

Greg Kipper

Gregory Kipper is a futurist and strategic forecaster in emerging technologies. He specialized in IT security and information assurance for 17 years, working for the last 11 years in the fields of digital forensics and the impacts emerging technologies have on crime and crime fighting. Mr. Kipper has been the keynote speaker at select industry events, a digital forensics instructor, and a trusted advisor to both the government and commercial sectors. He has published books in the fields of digital forensics and emerging technologies, including: "Investigator's Guide to Steganography," "Wireless Crime and Forensic Investigation," and "Virtualization and Forensics."

Affiliations and Expertise

is a futurist and strategic forecaster in emerging technologies. Mr. Kipper has been the keynote speaker at select industry events, a digital forensics instructor, and a trusted advisor in both the government and commercial sectors. He has published books in the fields of digital forensics and emerging technologies, including: "Investigator's Guide to Steganography," "Wireless Crime and Forensic Investigation," and "Virtualization and Forensics."

Virtualization and Forensics, 1st Edition


Acknowledgments

Introduction

About the Authors

Part 1 Virtualization

    Chapter 1 How Virtualization Happens

         Physical Machines

         How Virtualization Works

         Hypervisors

         Main Categories of Virtualization

         Benefits of Virtualization

         Cost of Virtualization

         Summary

         References

         Bibliography

    Chapter 2 Server Virtualization

         What Is Server Virtualization?

         Differences between Desktop and Server Virtualization

         Common Virtual Servers

         Summary

         References

         Bibliography

    Chapter 3 Desktop Virtualization

         What Is Desktop Virtualization?

         Common Virtual Desktops

         Virtual Appliances and Forensics

         Virtual Desktops as a Forensic Platform

         Summary

         Bibliography

    Chapter 4 Portable Virtualization, Emulators, and Appliances

         MojoPac

         MokaFive

         Preconfigured Virtual Environments

         Virtual Appliance Providers

         JumpBox Virtual Appliances

         VirtualBox

         Virtualization Hardware Devices

         Virtual Privacy Machine

         Virtual Emulators

         Future Development

         Summary

         References

         Bibliography

Part 2 Forensics

    Chapter 5 Investigating Dead Virtual Environments

         Install Files

         Remnants

         Registry

         Microsoft Disk Image Formats

         Data to Look for

         Investigator Tips

         Summary

         References

         Bibliography

    Chapter 6 Investigating Live Virtual Environments

         The Fundamentals of Investigating Live Virtual Environments

         Artifacts

         Processes and Ports

          Log Files

         VM Memory Usage

         Memory Analysis 121

         ESXi Analysis

         Microsoft Analysis Tools

         Moving Forward

         Summary

         References

         Bibliography

    Chapter 7 Finding and Imaging Virtual Environments

         Detecting Rogue Virtual Machines

         Is It Real or Is It Memorex?

         Imaging Virtual Machines

         Snapshots

         VMotion

         Identification and Conversion Tools

         Environment to Environment Conversion

         Summary

         References

         Bibliography

Part 3 Advanced Virtualization

    Chapter 8 Virtual Environments and Compliance

         Standards

         Compliance

         Organizational Chain of Custody

         Data Retention Policies

         Summary

         References

         Bibliography

    Chapter 9 Virtualization Challenges

         Data Centers

         Security Considerations

         Malware and Virtualization

         Red Pill, Blue Pill, No Pill

         Additional Challenges

         Virtualization Drawbacks

         Summary

         References

         Bibliography

    Chapter 10 Cloud Computing and the Forensic Challenges

         What Is Cloud Computing?

         Cloud Computing Services

         Streaming Operating Systems

         Application Streaming

         Virtual Applications

         Cloud Computing, Virtualization, and Security

         Cloud Computing and Forensics

         Summary

         Bibliography

    Chapter 11 Visions of the Future: Virtualization and Cloud Computing

         Future of Virtualization

         The Evolving Cloud

         Autonomic Computing

         Summary

         Bibliography

Appendix: Performing Physical-to-Virtual and Virtual-to-Virtual Migrations

Glossary

Index




 
 
Save up to 25% on all Books
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy
FAQ

Contact Us