I finally had a chance to finish reading Windows Forensic Analysis. From the start I was happy with the way the book is written, and I give it 5 of 5 possible. I am not working with forensics in my daily administration work, but I learned a lot about security methods and tools in general, something that can be of great help for normal administration too.
The book is flooded with tools worth trying, and with examples usage. The examples illustrates the topic really well, and the tools are perfect to get started on your own.
In addition to tool suggestions the author provides the reader with many perl scripts, which further helps in better understanding of the topic, and makes you want to learn more! The scripts are also simply useful and saves you a lot of time when you want to try the stuff discussed in the book. I just loooved the scripts!
I consider myself an okay experienced Windows administrator (since 1999), and many of the topics was not new. But I liked another explanation of the topics, and I also learned a lot of totally new stuff.
I recommend all Windows administrators reading this book! And dont forget to read Richard Bejtlichs review (TaoSecurity), he knows how to wrote really useful reviews!
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment