Practical forensic imaging : (Record no. 6436)

MARC details
000 -LEADER
fixed length control field 02590nam a22002777a 4500
003 - CONTROL NUMBER IDENTIFIER
control field OSt
005 - DATE AND TIME OF LATEST TRANSACTION
control field 20240112081236.0
008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION
fixed length control field 210924b ||||| |||| 00| 0 eng d
020 ## - INTERNATIONAL STANDARD BOOK NUMBER
International Standard Book Number 9781593277932
020 ## - INTERNATIONAL STANDARD BOOK NUMBER
International Standard Book Number 1593277938
040 ## - CATALOGING SOURCE
Original cataloging agency BUL
Transcribing agency BUL
Modifying agency BUL
Language of cataloging eng
Description conventions rda
082 00 - DEWEY DECIMAL CLASSIFICATION NUMBER
Classification number 363.25
Edition number 23
Item number NIK
100 1# - MAIN ENTRY--PERSONAL NAME
Personal name Nikkel, Bruce,
245 10 - TITLE STATEMENT
Title Practical forensic imaging :
Remainder of title securing digital evidence with Linux tools /
Statement of responsibility, etc. Bruce Nikkel.
264 #1 - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE
Place of production, publication, distribution, manufacture San Francisco :
Name of producer, publisher, distributor, manufacturer No Starch Press,
Date of production, publication, distribution, manufacture, or copyright notice c2016
300 ## - PHYSICAL DESCRIPTION
Extent xxvi, 292 p. :
Other physical details ill. ;
Dimensions 23 cm.
500 ## - GENERAL NOTE
General note TABLE OF CONTENTS<br/><br/><br/>Storage media overview for postmortem acquisition -- <br/>magnetic storage media<br/>non-volatile memory<br/>optical storage media<br/>interfaces and physical connectors<br/>commands, protocols and Bridges<br/>special topics<br/>closing thoughts<br/><br/><br/>Linux as a forensic acquisition platform -- <br/>linux and OSS in a forensic context<br/>linux kernel and storage devices<br/>linux kernel and filesystems<br/>linux distributions and shells<br/>closing thoughts<br/><br/><br/>Forensic image formats and acquisition tools -- <br/>raw images<br/>forensic formats<br/>squashFS as a forensic evidence container<br/>closing thoughts<br/><br/><br/>Forensic imaging preparation and setup -- <br/>maintain an audit trail<br/>organize collected evidence and command output<br/>assess acquisition infrastructure logistics<br/>establish forensic write-blocking protection<br/>closing thoughts<br/><br/><br/>Attaching physical media to an acquisition host -- <br/>examine subject PC hardware<br/>attach subject disk to an acquisition host<br/>query the subject disk for information<br/>enable access to hidden sectors<br/>ATA password security and self encrypting drives<br/>e.tc<br/><br/><br/>Forensic image acquisition -- <br/>acquire an image with dd tools<br/>acquire an image with forensic formats<br/>preserve digital evidence with cryptography<br/>manage drive failure and errors<br/>image acquisition over a network<br/>e.tc<br/><br/>Forensic image management -- <br/>manage image compression<br/>manage split images<br/>verify the integrity of a forensic image<br/>convert between image formats<br/>e.tc<br/><br/>Accessing logical, virtual, and operating system encrypted images -- <br/><br/>Extracting subsets of forensic images.<br/>assess partition layout and filesystems<br/>partition extraction<br/>other piecewise data extraction<br/>closing thoughts<br/>
504 ## - BIBLIOGRAPHY, ETC. NOTE
Bibliography, etc. note Includes Index. P 276-292
630 00 - SUBJECT ADDED ENTRY--UNIFORM TITLE
Uniform title Linux.
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM
Topical term or geographic name entry element Computer crimes
General subdivision Investigation.
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM
Topical term or geographic name entry element Data recovery (Computer science)
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM
Topical term or geographic name entry element Data encryption (Computer science)
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM
Topical term or geographic name entry element Evidence, Criminal.
942 ## - ADDED ENTRY ELEMENTS (KOHA)
Source of classification or shelving scheme Dewey Decimal Classification
Koha item type Book Closed Access
Classification part 363.25
Item part 1
Call number prefix NIK
Call number suffix 363.25 NIK
Holdings
Withdrawn status Lost status Source of classification or shelving scheme Damaged status Not for loan Home library Current library Date acquired Source of acquisition Inventory number Total Checkouts Full call number Barcode Date last seen Copy number Price effective from Koha item type
    Dewey Decimal Classification     Engineering Library Engineering Library 09/24/2021 Purchased 0027633   363.25 NIK 1 BUML24010234 09/24/2021 1 09/24/2021 Book Closed Access