Continuing to process your case, this day starts with a review of the Windows Registry and continues to expand your knowledge concerning other key Windows artifacts. You will learn how to perform a detailed investigation of user Internet History, Windows Event Logs, and other artifacts typically overlooked by most forensic examiners lacking in the knowledge that we will be covering.
You will also be learning how to create a timeline of events that will help you to focus on what took place on the computer system and when, enabling you to quickly locate relevant evidence.
DAY FOUR TOPICS
User Registry Information - NTUSER.DAT
Logfiles and Trace Evidence
Chat and Social Networking
Evening Session: Optional, Until 21:00
Open Topics Based On Student Requests
Copyright © 2013 All rights reserved. Aurenav LLC.