Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Windows Forensics Analyst Field Guide

You're reading from   Windows Forensics Analyst Field Guide Engage in proactive cyber defense using digital forensics techniques

Arrow left icon
Product type Paperback
Published in Oct 2023
Publisher Packt
ISBN-13 9781803248479
Length 318 pages
Edition 1st Edition
Concepts
Arrow right icon
Author (1):
Arrow left icon
Muhiballah Mohammed Muhiballah Mohammed
Author Profile Icon Muhiballah Mohammed
Muhiballah Mohammed
Arrow right icon
View More author details
Toc

Table of Contents (14) Chapters Close

Preface 1. Part 1:Windows OS Forensics and Lab Preparation
2. Chapter 1: Introducing the Windows OS and Filesystems and Getting Prepared for the Labs FREE CHAPTER 3. Chapter 2: Evidence Acquisition 4. Chapter 3: Memory Forensics for the Windows OS 5. Chapter 4: The Windows Registry 6. Chapter 5: User Profiling Using the Windows Registry 7. Part 2:Windows OS Additional Artifacts
8. Chapter 6: Application Execution Artifacts 9. Chapter 7: Forensic Analysis of USB Artifacts 10. Chapter 8: Forensic Analysis of Browser Artifacts 11. Chapter 9: Exploring Additional Artifacts 12. Index 13. Other Books You May Enjoy

Summary

In this chapter, we discussed the tools and techniques used to acquire and collect digital forensic evidence. We learned about the effective use of tools such as KAPE and FTK Imager, which can help us to properly acquire evidence and ensure its integrity. By familiarizing ourselves with these tools, we can better navigate the complexities of forensic investigations and preserve the CoC for the evidence we collect.

By understanding this chapter, you will be able to collect and preserve digital evidence using various tools.

In the next chapter, we will explore the field of memory forensics. Memory forensics is the process of analyzing a computer’s volatile memory, which can provide valuable insights into active processes, network connections, and potential malicious activity. We will discuss prominent tools and methodologies used in memory forensics, and we will learn how to use these tools to uncover advanced threats and expose intricate attack vectors.

I hope...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image