Harlan, thanks for the link, but what I am trying to achieve is more like the SOP I got from Nate a while ago. If you send me your email I will forward it to you; also, here is mine. Sorry I did not catch that in your last email.
paul.cirillo@inotherapy.com
Cirillop,
The link wasn't intended for you, nor was my previous question intended for you. You'll notice that I started each by referencing "ac_forensics".
Sorry
Sorry I haven't gotten back before now. Yes, Harlan, that is the white paper.
A
Ac_forensics,
Ah, okay. I wouldn't call it "a very thorough white paper on Windows IR", as according to the contents of the white paper, the objective is:
"The objective of this white paper is to provide initial information on methods, techniques and tools to facilitate acquisition and processing of system and application memory from Windows systems."
There are a great many things about Windows IR that the white paper leaves completely unaddressed. However, it is a very good (and still relevant) paper on its topic…tools to facilitate acquisition and processing of memory from Windows systems.
H