11.1 WORD Forensics
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Video Transcription
00:00
Hi. Welcome back to the curse. In the previous moles, we were reviewing some Windows, forensic assange or key points where every forensic analysts to look to find areas. This is something common in every week
00:15
now. In this small you were going to analyze and see how to review some commune type of five, such as office files, pictures and roses fires. This important as Windows, usually Collins with the full bro, sir, for the viewer on office suit.
00:32
Microsoft War Foreign Sick analysis is something that digital forensic investigators go quite often for documented indication. Because of the great popularity off Microsoft Office, many important business documents socials, contracts, a memoranda are created using words.
00:49
Some of these documents may become key evidence and subject to for a sickle dedication.
00:55
Meg Rosoff Ward. Safe information of ah, welcome in. In addition to the actual contest of the document, this additional information is called meta data from the great Meta Moon, Higher or beyond.
01:07
This includes who created a document with Matty was created, who edited the document on where document was safe on ready for a name.
01:18
We can use the commitment rate, a parson's social anti word cat dog. If I tools another's to review this information
01:27
or in Microsoft Office World, we can go to the main. You file that under the the fur option, we could be able to see information about the file.
01:38
Every picture file has information in Barrett about how the four awas taking this information includes the real picture creation date on the type of camera used to take the photo.
01:51
This is very important for the cases where we can link a picture to a crime missing or 12 eyes found in the crime scene.
01:59
This metal ADA can be finding pictures our your or video files.
02:04
We can use specialized tools to extract this information.
02:07
There's a useful and very easy to use tools for meta data analysis. Only much is social exist too.
02:15
Well. You can download into Windows operating system on allies they must fingerprint just by dragging and dropping the file into the application
02:25
exit stands for exchangeable image file. For months,
02:30
most more cameras, a store exit data in every four or five they create exist. There is meta data. Basically, it stores the camera settings used to create the picture on the time and date it was created,
02:43
then our online tools us well, which will allow you to see this metal later without lowering anything to your computer. We will see more about this in the next video.
02:54
Many users think that it is impossible to find out which websites they have visited when they delete the cash on the history. This is not true. There is a fire on the system that collects information on websites on cookies in Window seven
03:10
on Easier Internet Explorer nine on You earlier
03:15
used the index that that
03:16
to next all this information, including the Internet, cash cookies on history, every euro on everywhere base that is listed there was indexed.
03:28
The information is retained, even if the user decided to delete the grocer cash on history. Not only that, but all the emails have you sent or received through our look or Lucas press answer gets looked in. These in the start that five
03:45
These files were to be found therefore, in the Internet, cash cookies on his story folders.
03:51
You will need a specialized program to view the continent off index that that files to such as Pascoe by Ki Joon in this that that scanner or index that that suit are tools that can displayed information stored in those terrorists. Files in Window son or earlier.
04:11
However, these change would win those eight on 10 Windows eight Index that that files are not used by Inter. Expert 10. They listen function. It's been implemented within a Microsoft battery sister. The five names with cash, the one thought that
04:30
is located in the folder within the system. Partition.
04:34
You thirsty user name off data. Local Microsoft Windows with cash.
04:42
The software E S E. That this view developed by your soft come used for bro's in the database content.
04:51
Okay before finishing. Here's a quick question for you
04:55
When her life in a picture. What is exit data?
04:59
Do you think it's a information of all the camera cities used to create the picture on the time and date it was created?
05:06
Or be information of all the operating system used to analyze the picture,
05:12
or C a tool for analyzing the big just metal ada
05:15
or D. None off the boat.
05:18
If you said a correct exit stand for exchangeable image file for months, a more commerce store exit data in every photo fight they create.
05:30
So we have analyzed how to review some important fights that you probably will encounter when performing a forensic analyses. Now let's see how to release my performing some hands on exercises. Don't forget to check the references. It's winter materials on dreaming the next videos. Where will be the winds from labs?
Up Next
Similar Content
