Creating a Baseline Using the Windows Forensic Toolchest (WFT)

Students will run Windows Forensic Toolchest against an existing system to create a baseline that will be used for future analysis.

Time
30 minutes
Difficulty
Intermediate

Overview

Creating a Baseline Using the Windows Forensic Toolchest (WFT) is a Cybrary Lab intended for students at the Intermediate/Advanced level. It teaches how to create a baseline of running services, installed services and registry keys with WFT, and is targeted toward the Cyber Defense Forensics Analyst path. Upon successful completion, the student will be able to create and analyze WFT baselines. The lab takes 30 minutes to complete.

Through a practical scenario, this lab proposes the following tasks:

  • Create a baseline with the WFT (Windows Forensic Toolchest)
  • Create a baseline of running services with the WFT
  • Create a baseline of installed services with the WFT
  • Create a baseline of key registry entries with the WFT
  • Analyze the output of the created baseline

By comparing their own baseline with a previously existing baseline, the student will be able to identify relevant modifications, possibly indicating compromise, in a variety of data, including:

  • Running Processes
  • System handles
  • Disk usage
  • Media Access Control (MAC) times for files
  • Key registry entries
  • User accounts
  • System tasks
  • Scheduled tasks

Click on the launch button to start the lab.

In Creating a Baseline Using the Windows Forensic Toolchest (WFT), students will learn about baseline analysis, which involves producing and understanding a baseline and analyzing its content. Utilizing a deployable forensics toolkit to support operations as necessary is a key part of the Cyber Defense Forensics Analyst role.

Creating a Baseline Using the Windows Forensic Toolchest (WFT) is presented by Cybrary and was created by CybrScore.

Creating a Baseline Using the Windows Forensic Toolchest (WFT) is part of the Cyber Defense Forensics Analyst path. Completion of the lab means that the student has understood how to create and analyze WFT baselines.
