Cisco Router and Switch Forensics


Book Description

Cisco IOS (the software that runs the vast majority of Cisco routers and all Cisco network switches) is the dominant routing platform on the Internet and corporate networks. This widespread distribution, as well as its architectural deficiencies, makes it a valuable target for hackers looking to attack a corporate or private network infrastructure. Compromised devices can disrupt stability, introduce malicious modification, and endanger all communication on the network. For security of the network and investigation of attacks, in-depth analysis and diagnostics are critical, but no book currently covers forensic analysis of Cisco network devices in any detail. Cisco Router and Switch Forensics is the first book devoted to criminal attacks, incident response, data collection, and legal testimony on the market leader in network devices, including routers, switches, and wireless access points. Why is this focus on network devices necessary? Because criminals are targeting networks, and network devices require a fundamentally different approach than the process taken with traditional forensics. By hacking a router, an attacker can bypass a network's firewalls, issue a denial of service (DoS) attack to disable the network, monitor and record all outgoing and incoming traffic, or redirect that communication anywhere they like. But capturing this criminal activity cannot be accomplished with the tools and techniques of traditional forensics. While forensic analysis of computers or other traditional media typically involves immediate shut-down of the target machine, creation of a duplicate, and analysis of static data, this process rarely recovers live system data. So, when an investigation focuses on live network activity, this traditional approach obviously fails. Investigators must recover data as it is transferred via the router or switch, because it is destroyed when the network device is powered down. In this case, following the traditional approach outlined in books on general computer forensics techniques is not only insufficient, but also essentially harmful to an investigation.Jargon buster: A network switch is a small hardware device that joins multiple computers together within one local area network (LAN). A router is a more sophisticated network device that joins multiple wired or wireless networks together. - The only book devoted to forensic analysis of routers and switches, focusing on the operating system that runs the vast majority of network devices in the enterprise and on the Internet - Outlines the fundamental differences between router forensics and traditional forensics, a critical distinction for responders in an investigation targeting network activity - Details where network forensics fits within the entire process of an investigation, end to end, from incident response and data collection to preparing a report and legal testimony




Cisco CCNA/CCENT Exam 640-802, 640-822, 640-816 Preparation Kit


Book Description

Three exams, two certifications, one complete Cisco training solution for networking professionals! The CCNA exam is an entry-level IT certification from Cisco Systems for professionals installing and maintaining route and switched networks. The current exam material covers networking concepts along with new and updated content on network security fundamentals and the basics of wireless networking. This book can be used as a study guide for either track you choose to receive your CCNA – the single exam, 640-802 or the combined 640-822 and 640-816, and for the CCENT certification which a student will receive upon completion of the 640-822 exam. The author team has arranged the content so that you can easily identify the objectives for each half of the combined exam. - Layout of the guide parallels the CCNA/CCENT exam objectives for ease of study - Details all aspects of the exams including security and wireless networking essentials - Covers everything from introductory to advanced topics—keeping the beginner and intermediate IT professional in mind - Chapter ending questions and answers allow for graduated learning - Two practice exams on the accompanying DVD help eliminate test-day jitters




Cybercrime and Cloud Forensics: Applications for Investigation Processes


Book Description

While cloud computing continues to transform developments in information technology services, these advancements have contributed to a rise in cyber attacks; producing an urgent need to extend the applications of investigation processes. Cybercrime and Cloud Forensics: Applications for Investigation Processes presents a collection of research and case studies of applications for investigation processes in cloud computing environments. This reference source brings together the perspectives of cloud customers, security architects, and law enforcement agencies in the developing area of cloud forensics.




Exploring Careers in Cybersecurity and Digital Forensics


Book Description

Exploring Careers in Cybersecurity and Digital Forensics is a one-stop shop for students and advisors, providing information about education, certifications, and tools to guide them in making career decisions within the field. Cybersecurity is a fairly new academic discipline and with the continued rise in cyberattacks, the need for technological and non-technological skills in responding to criminal digital behavior, as well as the requirement to respond, investigate, gather and preserve evidence is growing. Exploring Careers in Cybersecurity and Digital Forensics is designed to help students and professionals navigate the unique opportunity that a career in digital forensics and cybersecurity provides. From undergraduate degrees, job hunting and networking, to certifications and mid-career transitions, this book is a useful tool to students, advisors, and professionals alike. Lucy Tsado and Robert Osgood help students and school administrators understand the opportunity that exists in the cybersecurity and digital forensics field, provide guidance for students and professionals out there looking for alternatives through degrees, and offer solutions to close the cybersecurity skills gap through student recruiting and retention in the field.




Digital Forensics, Investigation, and Response


Book Description

Digital Forensics, Investigation, and Response, Fourth Edition examines the fundamentals of system forensics, addresses the tools, techniques, and methods used to perform computer forensics and investigation, and explores incident and intrusion response,




Digital Archaeology


Book Description

In Digital Archaeology, expert practitioner Michael Graves has written the most thorough, realistic, and up-to-date guide to the principles and techniques of modern digital forensics. He begins by providing a solid understanding of the legal underpinnings and critical laws affecting computer forensics, including key principles of evidence and case law. Next, he explains how to systematically and thoroughly investigate computer systems to unearth crimes or other misbehavior, and back it up with evidence that will stand up in court. Drawing on the analogy of archaeological research, Graves explains each key tool and method investigators use to reliably uncover hidden information in digital systems. Graves concludes by presenting coverage of important professional and business issues associated with building a career in digital forensics, including current licensing and certification requirements.







Eleventh Hour Linux+


Book Description

Eleventh Hour Linux+: Exam XK0-003 Study Guide offers a practical guide for those preparing for the Linux+ certification exam.The book begins with a review of important concepts that are needed for successful operating system installation. These include computer hardware, environment settings, partitions, and network settings. The book presents the strategies for creating filesystems; different types of filesystems; the tools used to create filesystems; and the tools used to administer filesystems. It explains the Linux boot process; how to configure system and user profiles as well as the common environment variables; and how to use BASH command line interpreter.The remaining chapters discuss how to install, configure, support, and remove applications; the configuration of Linux as a workstation and as a server; securing the Linux system; and common tools for managing a system. Each chapter includes information on exam objectives, exam warnings, and the top five toughest questions along with their answers. - Fast Facts quickly review fundamentals - Exam Warnings highlight particularly tough sections of the exam - Crunch Time sidebars point out key concepts to remember - Did You Know? sidebars cover sometimes forgotten details - Top Five Toughest Questions and answers help you to prepare




Cyber Forensics


Book Description

Updating and expanding information on concealment techniques, new technologies, hardware, software, and relevant new legislation, this second edition details scope of cyber forensics to reveal and track legal and illegal activity. Designed as an introduction and overview to the field, the authors guide you step-by-step through the basics of investigation and introduce the tools and procedures required to legally seize and forensically evaluate a suspect machine. The book covers rules of evidence, chain of custody, standard operating procedures, and the manipulation of technology to conceal illegal activities and how cyber forensics can uncover them.




Introduction to Security and Network Forensics


Book Description

Keeping up with the latest developments in cyber security requires ongoing commitment, but without a firm foundation in the principles of computer security and digital forensics, those tasked with safeguarding private information can get lost in a turbulent and shifting sea. Providing such a foundation, Introduction to Security and Network Forensics covers the basic principles of intrusion detection systems, encryption, and authentication, as well as the key academic principles related to digital forensics. Starting with an overview of general security concepts, it addresses hashing, digital certificates, enhanced software security, and network security. The text introduces the concepts of risk, threat analysis, and network forensics, and includes online access to an abundance of ancillary materials, including labs, Cisco challenges, test questions, and web-based videos. The author provides readers with access to a complete set of simulators for routers, switches, wireless access points (Cisco Aironet 1200), PIX/ASA firewalls (Version 6.x, 7.x and 8.x), Wireless LAN Controllers (WLC), Wireless ADUs, ASDMs, SDMs, Juniper, and much more, including: More than 3,700 unique Cisco challenges and 48,000 Cisco Configuration Challenge Elements 60,000 test questions, including for Certified Ethical Hacking and CISSP® 350 router labs, 180 switch labs, 160 PIX/ASA labs, and 80 Wireless labs Rounding out coverage with a look into more advanced topics, including data hiding, obfuscation, web infrastructures, and cloud and grid computing, this book provides the fundamental understanding in computer security and digital forensics required to develop and implement effective safeguards against ever-evolving cyber security threats. Along with this, the text includes a range of online lectures and related material, available at: http://asecuritybook.com.