Forums
Main Category
General (Technical,...
Any recommendations...
 
Notifications
Clear all

Any recommendations on a Good EnCase Book

 
General (Technical, Procedural, Software, Hardware etc.)
Last Post by ddow 17 years ago
8 Posts
8 Users
0 Reactions
815 Views
RSS
 mwade
(@mwade)
Trusted Member
Joined: 18 years ago
Posts: 77
Topic starter 26/06/2008 9:23 pm  

Hello All,

I know there are many different books out there on how to use EnCase. Before I buy one (especally since most are online and not at the local bookstore where I can see it before I buy it) does anyone have any highly recommended books on the EnCase Forensics product, hopfully version 6.x. I have bought some real crappy books online (not being able to really see them in person) and as expensive as books are these days I only want to do it once.

Any help would be appreciated.

Thanks,
Mark


   
Quote
azrael
 azrael
(@azrael)
Honorable Member
Joined: 19 years ago
Posts: 656
26/06/2008 9:45 pm  

The only one that I was aware of is the "Official EnCE Book" which I thought was pretty reasonable …

What others are there ?


   
ReplyQuote
 BitHead
(@bithead)
Noble Member
Joined: 20 years ago
Posts: 1206
26/06/2008 10:19 pm  

There is a newer Second Edition. ISBN 978-0-470-18145-4

But still the same.


   
ReplyQuote
 Minesh
(@minesh)
Trusted Member
Joined: 18 years ago
Posts: 75
27/06/2008 1:52 am  

Agree, it is pretty good. Didn't use the demo version on the CD that comes with it, but I think I read that it isn't too great, so if you have access to the full version, better to use it.

Kind Regards,

Minesh


   
ReplyQuote
 jakeaw03
(@jakeaw03)
Trusted Member
Joined: 17 years ago
Posts: 65
27/06/2008 7:51 am  

Thanks for all the input.

Mark


   
ReplyQuote
E5Pro
 E5Pro
(@e5pro)
Trusted Member
Joined: 18 years ago
Posts: 69
28/06/2008 6:23 am  

I'll sell mine
The Official EnCase Certified Examiner Study Guide 2006
With DVD
Edition 1


   
ReplyQuote
cfprof
 cfprof
(@cfprof)
Trusted Member
Joined: 20 years ago
Posts: 80
29/06/2008 10:57 am  

The second edition uses v. 6.

We had a whole batch with disfunctional demo versions of EnCase. The software just wouldn't work.

I called the editor and was told "Guidance probably disabled those features". Yeah, they disabled searching, viewing in hex, hashing, etc. Right!

I was eventually told that there were "issues" and that they were being resolved. Subsequent calls were not returned.

All that being said, I think the book is actually pretty good and if you are testing for the EnCE it is especially useful. And…Bunting seems like a genuinely good guy.


   
ReplyQuote
 ddow
(@ddow)
Reputable Member
Joined: 21 years ago
Posts: 278
29/06/2008 7:01 pm  

Like cfproj, I just used edition 2 in my last class and can attest to the issues. Even by using the demo version from edition 1 posted on the publisher's web site, we were only able to get about 50% of the labs to work. The author wasn't told of the change in version and is now working with Guidance to get the issues rectified In the interm, I'd avoid edition 2. I'd avoid it to the extent that my recommendation to the school is to dump it (and EnCase) completely.


   
ReplyQuote
Forum Jump:
  Previous Topic
Next Topic  
Share: