practice-labs
Infosec Lab

Forensic Analysis of Windows Server Lab

In this lab, you will learn how to search through a forensic disk image in dd format to find artifacts related to an intrusion on a Windows Server. A hacker’s dream is to compromise a Windows Server, especially a domain controller, because they can leverage the Domain administrator account to control most of the other systems within in the network. The relevant forensic artifacts from a Windows Server include log files, event viewer files, and registry entries.

Share
Start CourseNeed to train your team? Learn More
Create Free AccountNeed to train your team? Learn More

Overview

In this lab, you will learn how to search through a forensic disk image in dd format to find artifacts related to an intrusion on a Windows Server. A hacker’s dream is to compromise a Windows Server, especially a domain controller, because they can leverage the Domain administrator account to control most of the other systems within in the network. The relevant forensic artifacts from a Windows Server include log files, event viewer files, and registry entries.

Learning Partner
Infosec Learning
Infosec Learning provides businesses, colleges, governments, and K-12 school districts a feature rich information technology training and skill assessment service via an advanced, cloud based, virtual machine powered platform, capable of significant customization with unlimited scale and growth potential.

Start learning for free today

Join over 3 million cybersecurity professionals advancing their career

Register
Join over 3 million cybersecurity professionals advancing their career
or sign up with
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
This is some text inside of a div block.
Button Text