Index

Abel tool. See Cain & Abel sniffer

aboutexaminer.htm file

access

file access events

vs. logon

System Volume Information folder

access control lists (ACLs)

access points

DHCP logs

rogue

access tokens

Accesses field

Account Domain field

file access

logon events

NTLM authentication

account logon events

early logs

Kerberos authentication

failed attempts

overview

retrieving administrative information

service tickets

successful logon evidence

vs. logon events. See also logons and logon events

NTLM authentication

summary

Terminal Services

account management events

evaluating

logs

Account Name field

Account Operators groups

accounts

domain

local

computer

domain environments

locking out

modified

multiple groups

user ...

Get Mastering Windows Network Forensics and Investigation, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Mastering Windows Network Forensics and Investigation, 2nd Edition by

Index

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly