Index
A
Access control list (ACL), USB device analysis, 117–118
Acquired images, see also Hard drive image
    ASCII timelines, 196
    dynamic application analysis, 236
    Event Log file extraction, 79
    historical Registry data, 141
    installed AV applications, 171
    malware detection, 168
    multiple antivirus scans, 173–174
    timeline creation, 214
    timeline creation on XP, 217–218
    VM log-in tips, 236
    VSCs
        batch files, 64
        diskpart command, 58
        FTK Imager, 53f
        image file formats, 66
        LiveView, 53
        overview, 52–67
        ProDiscover BE, 59–60
        VMDKs and SIFT, 62
Acquisition process
    F-Response, 39
    incident response, 38
Active ...