The Bottom Line
This book is a great place for someone to start into the field of computer forensics. Written in a style most can follow it provides a solid foundation of the tools and tricks of the trade.
Pros
- Easy to read- not too technical
- Complete overview of forensic tools and techniques
- Great as a primer or a reference source
Cons
- May not offer much to experienced forensics techs
Description
- A concise and solid explanation of the fundamentals of computer forensics and incident response
- Covers multiple platforms- Windows, Macintosh, DOS, *Nix
- The basic steps of acquiring, authenticating and analyzing evidence are timeless
- Provides an understanding which can be used as a springboard to more technical books
Guide Review - Book Review: Computer Forensics
This book is a couple years old now, but the fundamentals remain essentially the same. Kruse and Heiser are seasoned experts in computer forensics and incident response and they have managed to boil down years of knowledge and experience into a format that is easy to read and understand. While security experts may not learn anything new from this book, those entering the field will find it invaluable. It is comprehensive and detailed while remaining easy to read. The foundation provided by reading and understanding this book can be used to move forward into more technical areas. Computer Forensics is not fluff by any means though and could easily be kept nearby as a handy reference for a computer forensic investigation.
