Windows Forensics Analysis
Authors: Mariam Aljouhi
Journal: Emirati Journal Of Policing And Security Studies
Publication Date: Vol 1 Issue 1, ( 2022 )
Keywords: Digital Forensics, Windows Registry, Digital Evidence, Computer Investigation, Forensic Tools.
Abstract
Computer forensics focuses on investigating crimes involving digital devices such as hard disks and other storage media to uncover evidence of unauthorized access. Forensic investigators perform detailed analyses using both static and dynamic approaches, leveraging specialized tools like ProDiscover, EnCase, AccessData FTK, and Autopsy to ensure organizational forensic cyber security.
This process demands comprehensive knowledge of system registries, relevant laws and regulations on computer investigation, operating systems (e.g., Windows, Linux), and organizational networks (e.g., Windows NT).
In this paper, we apply various forensic tools for Windows to extract and analyze forensic evidence from a Windows environment, demonstrating effective techniques for digital forensics and cybercrime investigation.
Comments are closed.