Company: O'Reilly
Author: Ric Messier
Full Title: Operating System Forensic Analysis
Year: 2017
Language: English
Genre: Educational: Operating Systems
Skill Level: -
Price: -
Files: MP4
Time: 01:38:40
Video: AVC, 1280 x 720 (1.778) at 29.970 fps, 990 kbps
Audio: AAC at 125 Kbps, 2 channels, 48.0 KHz

Files, email messages, and social media posts all contain valuable information for digital forensic investigators when searching for evidence of a crime or intrusions into a computer system or network, but there’s also a wealth of information to be gleaned from a computer’s operating system. This includes user data, configuration settings, and a significant trail of user activities. Today, there are a number of tools available to extract and analyze this information.

In this course designed for entry- to intermediate-level law enforcement and corporate investigators, you’ll learn how to use readily available, open source tools to find valuable information in the Windows Registry. You’ll also see how to create and use logs with Windows Event Log and Linux Syslog, which you then can examine for traces of suspicious or unauthorized activity. Finally, you’ll look at the techniques employed by investigators to handle and process all of this important information to assist you in your forensic tasks.

Lessons:

Introduction
01. Welcome to the Course
02. About the Author

Windows Analysis
03. Windows Registry
04. Registry Hives
05. Using regshot
06. Using regripper to extract information
07. Reading regripper output
08. SysInternals Tools
09. Network Connections with TCPView
10. Process Information with ProcExp
11. Windows Event Viewer
12. Windows Event Logs
13. Windows Auditing
14. Home Directories
15. User Specific Settings
16. Process Listings
17. Identifying Permissions

Linux Analysis
18. Linux Configuration
19. Linux Logging
20. Auditing
21. Home Directories
22. Pseudo Filesystems (/dev, /proc)
23. The /proc filesystem
24. Process Listings
25. Identifying Permissions

Conclusion
26. Wrap Up