Books on computer forensics?

Advise less fresh books on forensic, computer forensics, it is desirable in Russian. And then only a bump on the book Fedotov everywhere.
June 10th 19 at 14:36
2 answers
June 10th 19 at 14:38
And no, all the latest books in English.
Can only a few links of article with Habra pop:
UPD: Can the course from specialist to look, SAINT Investigation of hacking incidents
still hacker from Russia :) - Pedro65 commented on June 10th 19 at 14:41
then it is logical to assume that all the techs from the US :) - kacie60 commented on June 10th 19 at 14:44
And the English do not tell a good introductory book? - joel_Ledner commented on June 10th 19 at 14:47
sorry can't advise, because it is not particularly strong in this area. Can only book from the series "For dummies" Computer Forensics For Dummies by Carol Pollard
They usually are suitable for learning from scratch. - brandyn commented on June 10th 19 at 14:50
June 10th 19 at 14:40
I would suggest:
1. Books on the Windows device registry. Ranging from XP to 10.
2. The same thing, only about *nix, if you plan to work with him.
3. Pay special attention to the creation of a timeline.
4. Learn Wireshark, too, is necessary.
5. Try the ever-popular system zipovoj forensics: Belkasoft, EnCase, etc.
6. Let's add log2timeline, Sysinternal Suite, FTK Imager, Event Log Explorer, program to recover deleted information, programs for password in the archive.
7. Feel free images LiveCD systems, of which there are plenty, even on habré article with description.
8. Remove the image from any computer and try to determine what did people who rabotal, with whom communicated, what sites visited, etc. From their it was no use - and so you all know.

Specifically, books in Russian for the CIS no. There is no good. I would advise you to read "Digital Archaeology The Art and Science of Digital Forensics by Michael W. Graves" or something like that it's called. Plus necessarily blogs on the forensic, a lot of them. It periodically skips a good video in English. Also look for articles of the Affairs of the CIS, is useful. Well, the Russian-speaking forum to learn, sometimes it skips interesting posts.

Find more questions by tags Jurisprudence in ITInformation securityComputer forensics