Download the free Kindle app and start reading Kindle books instantly on your smartphone, tablet or computer – no Kindle device required. Learn more

Read instantly on your browser with Kindle Cloud Reader.

Using your mobile phone camera, scan the code below and download the Kindle app.

QR code to download the Kindle App

Enter your mobile phone or email address

Processing your request...

By pressing ‘Send link’, you agree to Amazon's Conditions of Use.

You consent to receive an automated text message from or on behalf of Amazon about the Kindle App at your mobile number above. Consent is not a condition of any purchase. Message and data rates may apply.

Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more

Follow the Authors

See all
Something went wrong. Please try your request again later.

Mastering Windows Network Forensics and Investigation Paperback – 30 March 2007

4.5 out of 5 stars 11 ratings

Amazon Price
New from Used from

There is a newer edition of this item:

Save on select Books
Discover deals on fiction, non-fiction, children's books and more Shop now

Product description

From the Back Cover

Conduct Cutting–Edge Forensic Investigations of Computer Crimes.

Whether it′s phishing, bank fraud, or unlawful hacking, computer crimes are on the rise, and law enforcement personnel who investigate these crimes must learn how to properly gather forensic evidence in the computer age.

Now you can get the training you need in this comprehensive guide from two seasoned law enforcement professionals. From recognizing high–tech criminal activity and collecting evidence to presenting it in a way that judges and juries can understand, this book covers the range of skills, standards, and step–by–step procedures you ll need to conduct a criminal investigation in a Windows environment and make your evidence stand up in court.

The book also covers the emerging field of live forensics, where investigators examine a system to obtain evidence while it is still running, thus preserving live data that may be lost if the system is shut down.


  • Responding to a reported computer intrusion
  • Conducting the initial interview with the victims
  • Understanding how attackers exploit Windows networks
  • Deciphering Windows file systems, registries, and more
  • Analyzing data rapidly using live analysis techniques
  • Examining suspects computers
  • Using EnCase® for Windows event log analysis
  • Presenting technically complicated material to juries

About the Author

Steve Anson , CISSP, MCSE, is a special agent with the Pentagon s Defense Criminal Investigative Service. He has a master s degree in computer science as well as numerous industry certifications. As a former contract instructor for the FBI, he has taught hundreds of veteran federal agents, state and local police officers, and intelligence agency employees techniques for conducting computerintrusion investigations. He also founded and supervised a local police department computer crime and information services unit and served as a task force agent for the FBI. He has conducted investigations involving large–scale computer intrusions, counterterrorism, crimes against children, and many other offenses involving the substantive use of computers.

Steve Bunting is a captain with the University of Delaware Police Department, where he is responsible for computer forensics, video forensics, and investigations involving computers. He has more than thirty years experience in law enforcement, and his background in computer forensics is extensive. He is a Certified Computer Forensics Technician (CCFT) and an EnCase Certified Examiner (EnCE). He was the recipient of the 2002 Guidance Software Certified Examiner Award of Excellence. He has a bachelor s degree in applied professions/business management from Wilmington College and a computer applications certificate in network environments from the University of Delaware. He has conducted computer forensic examinations for numerous local, state, and federal agencies on a variety of cases, including extortion, homicide, embezzlement, child exploitation, intellectual property theft, and unlawful intrusions into computer systems. He has testified in court on numerous occasions as a computer forensics expert. He has taught computer forensics for Guidance Software, makers of EnCase, and taught as a lead instructor at all course levels. He has been a presenter at several seminars and workshops, is the author of numerous white papers, and is the primary author of the book EnCase Computer Forensics: The Official EnCE: EnCase Certified Examiner Study Guide , which was published by Sybex in early 2006. You can reach him at

Save on select Books
Discover deals on fiction, non-fiction, children's books and more Shop now

Product details

  • Publisher ‏ : ‎ Sybex (30 March 2007)
  • Language ‏ : ‎ English
  • Paperback ‏ : ‎ 552 pages
  • ISBN-10 ‏ : ‎ 0470097620
  • ISBN-13 ‏ : ‎ 978-0470097625
  • Dimensions ‏ : ‎ 19.05 x 3.18 x 23.5 cm
  • Customer Reviews:
    4.5 out of 5 stars 11 ratings

Customer reviews

4.5 out of 5 stars
4.5 out of 5
11 global ratings
5 star
4 star
3 star 0% (0%) 0%
2 star 0% (0%) 0%
1 star 0% (0%) 0%

Review this product

Share your thoughts with other customers

Top reviews from Australia

There are 0 reviews and 0 ratings from Australia

Top reviews from other countries

Amazon Customer
5.0 out of 5 stars Great "How to" for network forensics and live captures
Reviewed in the United States on 14 April 2007
Verified Purchase
8 people found this helpful
Report abuse
4.0 out of 5 stars Very Informative
Reviewed in the United States on 9 December 2012
Verified Purchase
5.0 out of 5 stars Great Book
Reviewed in the United States on 7 April 2010
Verified Purchase
ebosele iboi
4.0 out of 5 stars Four Stars
Reviewed in the United States on 6 June 2013
Verified Purchase
Wojciech Tatina
4.0 out of 5 stars unique information about logon scripts
Reviewed in the United States on 21 May 2010
Verified Purchase