Windows Forensics Implementation

Learn how to understand and implement a Windows Computer Forensics process for your Enterprise

Computer forensics (also known as computer forensic science) is a branch of digital forensic science pertaining to evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the digital information.

What you’ll learn

  • Learn concepts and Implementation of Windows Forensics.
  • Learn a clear process for IT departments to apply Windows Forensics.
  • Understand how Windows Forensics works for any windows computer.
  • Learn basics of Windows Forensics for Volatile Information Gathering.

Course Content

  • Introduction –> 1 lecture • 1min.
  • Planning for Windows Forensics and Overview –> 1 lecture • 7min.
  • Windows Information and Volatile Information –> 1 lecture • 9min.
  • Command Line for Windows Forensics –> 1 lecture • 5min.
  • Network and History –> 1 lecture • 4min.
  • Packages and File Signature –> 1 lecture • 4min.
  • System Information –> 1 lecture • 2min.
  • Registry and Services –> 1 lecture • 2min.
  • Processes and Keys –> 1 lecture • 3min.
  • Msconfig and Processes –> 1 lecture • 6min.
  • Memory Checking and Autoruns –> 1 lecture • 4min.
  • Windows Volatile Tools –> 1 lecture • 5min.

Auto Draft

Requirements

  • Any windows computer.

Computer forensics (also known as computer forensic science) is a branch of digital forensic science pertaining to evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the digital information.

Although it is most often associated with the investigation of a wide variety of computer crime, computer forensics may also be used in civil proceedings. The discipline involves similar techniques and principles to data recovery, but with additional guidelines and practices designed to create a legal audit trail.

Evidence from computer forensics investigations is usually subjected to the same guidelines and practices of other digital evidence. It has been used in a number of high-profile cases and is becoming widely accepted as reliable within U.S. and European court systems.

In the early 1980s personal computers became more accessible to consumers, leading to their increased use in criminal activity (for example, to help commit fraud). At the same time, several new “computer crimes” were recognized (such as cracking). The discipline of computer forensics emerged during this time as a method to recover and investigate digital evidence for use in court. Since then computer crime and computer related crime has grown, and has jumped 67% between 2002 and 2003. Today it is used to investigate a wide variety of crime, including child pornography, fraud, espionage, cyberstalking, murder and rape. The discipline also features in civil proceedings as a form of information gathering (for example, Electronic discovery).

On this training we are going to learn and apply Windows Forensics for your Bussines to implement a Windows Forensics Process with tools and results for your IT department or IT security teams and be prepared for any security incident towards a Forensics Analysis.