Examining the Windows Registry and Property List

15 Aug Examining the Windows Registry and Property List

Posted at 17:42h in General Questions by

You must use at least 5 references, all from published, reliable literature (i.e., don’t use sites like Wikipedia as your source). You may, of course, have more than 5 references but at least 5 need to use published peer-reviewed literature

Question: What information is of forensic value in the Window Registry and Property List?

Outline:

I. Importance of Windows Registry and .plist as evidence

a.     Gold mine for forensic evidence

b.     Registries are modifiable

c.     Malware found

d.     User activity used to map out recent activities

i.     timestamps

e.     Stores configuration settings

II. Common issues

a.     Missing Data

b.     Extracting Data

c.     No knowledge about structure

Related Tags

Academic APA Assignment Business Capstone College Conclusion Course Day Discussion Double Spaced Essay English Finance General Graduate History Information Justify Literature Management Market Masters Math Minimum MLA Nursing Organizational Outline Pages Paper Presentation Questions Questionnaire Reference Response Response School Subject Slides Sources Student Support Times New Roman Title Topics Word Write Writing

15 Aug Examining the Windows Registry and Property List

Related Tags

Who We Are

Some Categories

More Links

We Accept