Book Review: Digital Forensics Basics: A Practical Guide Using Windows OS
By Nihad A. Hassan. Apress; apress.com/us; 360 pages; $39.99.
For any network of significant size, the question is not if there will be a breach, but when the breach will happen. And when that breach occurs, there are generally two goals at hand—get the intruders out and determine who they were.
In Digital Forensics Basics: A Practical Guide Using Windows OS, author Nihad Hassan has written a practical, hands-on guide that can help the novice user get up to speed on Windows forensics.
The book starts with an introduction to the core concepts of digital forensics and technical concepts around file systems. It then progresses to the steps needed to investigate an incident, including gathering and analyzing data. The author explores several software tools that can be used in the investigation process.
Written for those with little to no background in digital forensics, the book walks the reader through the various actions involved. The book covers only the Microsoft Windows operating system; therefore, if the affected systems are Macintosh or Linux, this book does not address them.
While far from a definitive reference, this book is a reliable guide. For those looking for a practical introduction to digital forensics, this is an excellent book to start with.
Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), is a senior information security specialist with Tapad, Inc.