1.2 Common Myths
Hi. Welcome back to the course. In the last video, we did a short introduction on my end, and we also talked about the modules we're going to cover in this course, the different topics, and the structure of the course, so you know what to expect.
If you haven't watched the previous video, feel free to pause this one and watch it, so you understand where we're going with this.
In this video, we're going to cover the basics of Windows forensics. We're going to talk about what digital forensics is in general and give a brief introduction to Windows. With this, we'll introduce the concept of Windows forensics and why it is important. We'll also explain some common myths about Windows forensics.
Here's a quick pre-assessment question for you.
By what other name is digital forensics also known? Is it A, logical forensics; or B, machine forensics; maybe C, computer forensics; or D, cable forensics?
If you said C, computer forensics, you're right.
The terms computer forensics and digital forensics are often used interchangeably to refer to the investigation of any computer or computer-related device or digital device for illegal purposes.
So what is digital forensics?
Digital forensics, sometimes called computer forensics, is the application of scientific investigatory techniques to digital crimes and attacks. It is a crucial aspect of law and business in the Internet age, and can be a rewarding and lucrative career path.
It is defined as the identification, preservation, examination, and analysis of digital evidence using scientifically accepted and validated processes, and the ultimate presentation of that evidence in a court of law to answer some legal questions.
The term is sometimes used to describe any sort of investigation of cyber attacks, even if law enforcement or the court system aren't involved.
Digital forensics specialists work in both the public and private sectors.
From this definition, we can say that digital forensics is not just one single process, but a group of tasks and processes in the investigation.
In digital forensics investigation practice, there are hundreds of digital forensics investigation procedures developed all over the world. Each organization tends to develop its own procedures.
Some focus on the technology aspects of data acquisition, while others focus on the data analysis portion of the investigation.
Today, digital forensics is an important tool for solving crimes committed with computers, for instance phishing and bank fraud, as well as for solving crimes against people where evidence may reside on a computer, for instance money laundering and child exploitation.
Forensic tools have also become vital tools for information assurance because of their ability to reconstruct the evidence left by cyber attacks.
Okay, we have defined what digital forensics is. But it's also important to know what digital forensics is not.
It is not about finding criminals, because it is about finding the evidence of value.
It is not proactive security.
It is reactive to an event or request.
And it is usually not quick, because modern systems' disks have major capacity, which could take a lot of time when processing this kind of information.
Now let me give you a brief introduction to Windows. I'm sure that many of you know it, but it is important to know or remember what Windows is and its functionality in order to know how to work with it.
Windows is a computer operating system developed by Microsoft Corporation to run personal computers.
Approximately 90% of PCs run some version of Windows.
The first version of Windows, released in 1985, was simply a graphical user interface offered as an extension of Microsoft's existing disk operating system, or MS-DOS.
Based in part on licensed concepts that Apple Inc. had used for its Macintosh system software, Windows for the first time allowed DOS users to visually navigate a virtual desktop, opening graphical windows displaying the contents of electronic folders and files with the click of a mouse button, rather than typing commands and directory paths at a text prompt.
Subsequent versions introduced greater functionality, including native Windows File Manager, Program Manager, and Print Manager programs, and a more dynamic interface.
Microsoft also developed specialized Windows packages, including the networkable Windows for Workgroups and the high-powered Windows NT, aimed at businesses.
The 1995 consumer release, Windows 95, fully integrated Windows and DOS and offered built-in Internet support, including the World Wide Web browser Internet Explorer.
With the 2001 release of Windows XP, Microsoft united its various Windows packages under a single banner, offering multiple editions for consumers, businesses, multimedia developers, and others. Windows XP abandoned the long-used Windows 95 kernel (core software code) for a more powerful code base and offered a more practical interface and improved application and memory management. The highly successful XP standard was succeeded in late 2006 by Windows Vista, which experienced a troubled rollout and met with considerable marketplace resistance, quickly acquiring a reputation for being a large, slow, and resource-consuming system.
Responding to Vista's disappointing adoption rate, Microsoft in 2009 released Windows 7, an operating system whose interface was similar to that of Vista but was met with enthusiasm for its noticeable speed improvement and its smaller system requirements.
Windows 8, in 2012, offered a start screen with applications appearing as tiles on a grid, and the ability to synchronize settings so users could log on to another Windows 8 machine and use their preferred settings.
In 2015 Microsoft released Windows 10, which came with Cortana, a digital personal assistant like Apple's Siri, and the web browser Microsoft Edge, which replaced Internet Explorer.
One common myth is that Windows forensics is easy. Unfortunately, it's not.
This is because of the internal structure of a Windows-based operating system. Windows does not allow easy access to many of the physical layer devices, which is needed if you want to do bit-level operations, unless you use third-party software.
Windows also has many undocumented features. It is, however, the most commonly analyzed platform in computer forensics, and it's harder to interpret attacks. New forensics challenges arise with the launch of newly released and later operating systems. While on one hand these new releases of Windows are aimed at making things easier for users, many of the functions performed by the operating system can actually be used against a user.
The average user is mostly unaware of the fact that their newly upgraded operating system is leaving tracks of their activity.
The importance of Windows forensics lies in the fact that Windows is the most widely used operating system, and because of this, people may use Windows widely to commit crimes as well. Windows provides a large number of locations with rich forensic artifacts. These artifacts help investigators to identify easily whether a crime has occurred.
With the evolution of Windows, forensic soundness also improved. As an example, from Windows XP to 7 there's a major change in the Windows registry. A change in architecture will be a challenge for investigators.
Therefore, it is important to identify what the forensically sound differences and similarities are in each version of Windows.
Okay, here's a quick question for you.
Which one is not true about Windows?
Do you think it's A, has many undocumented features; or B, does not allow easy access to the physical layer; or maybe C, a change in architecture represents a challenge for investigators; or D, it is easier to interpret attacks?
If you said D, you're correct. The changes in architecture and different versions of Windows make it harder to interpret attacks.
In the next video, we're going to analyze the forensic investigation methodology and its different steps or activities.