ISSC456_Lab1_Ocasio_Miguel
School: American Military University
Course: 456
Subject: Information Systems
Date: Feb 20, 2024
Pages: 2
Uploaded by ocasio703
Hardware/Software Setup Required
Windows computer
Access to cmd.exe and regedit32.exe
Problem Description
Examine a Windows Registry to view keys, subkeys, and values
Estimated completion time: 60 minutes
Outcome
Prepare a one-paragraph summary detailing how the information contained in the Windows Registry might be useful in a forensic investigation
Validation/Evaluation
Open a command line window on a Windows computer
At the prompt, type “regedit32” and press enter to open the Windows Registry
Explore the Registry keys, subkeys, and values taking note of the type of information contained in each
Prepare a one-paragraph summary detailing how the information contained in the Windows Registry might be useful in a forensic investigation
Summary: Forensic investigators can access a wealth of information by opening the Windows Registry with "regedit32". It's a centralized repository for configuration settings, user preferences, and system info. Using Registry keys, subkeys, and values, forensic investigators can uncover detailed information about system configurations, application installations, and user activities. You can reconstruct events and understand the timeline of system activities by looking at things like recently accessed files, USB connections, network settings, and login timestamps. The Registry also holds data about installed software, user accounts, and system policies, giving you insight into possible security breaches. In forensic analysis, a thorough examination of the Windows Registry helps investigators figure out what happened and gather evidence for legal proceedings by providing a comprehensive view of system interactions and changes over time.
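The artifact types named in the summary can also be read from a PowerShell prompt instead of browsing the tree by hand. The script below is an added example, not part of the lab handout or the submitted summary; the function name and the choice of keys are assumptions made for illustration, and it only reads from the Registry.

```powershell
# Added example: read-only survey of Registry keys that hold the kinds of
# evidence the summary mentions (USB connections, installed software,
# network settings, user accounts). Run it on a lab machine or a working
# copy of the system, not on original evidence.

function Get-RegistryArtifact {
    param(
        [string]$Category,     # label printed in the report
        [string]$Path,         # registry path; a trailing \* enumerates subkeys
        [string[]]$Property    # value names to pull from each matching key
    )
    # Keys that are absent or access-denied are skipped rather than aborting.
    Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue | ForEach-Object {
        $row = [ordered]@{ Key = $_.PSChildName }
        foreach ($p in $Property) { $row[$p] = $_.$p }
        [pscustomobject]$row
    }
}

# Each entry maps one artifact type to the key that records it.
$artifacts = @(
    @{ Category = 'USB storage devices'
       Path     = 'HKLM:\SYSTEM\CurrentControlSet\Enum\USBSTOR\*\*'
       Property = 'FriendlyName' },
    @{ Category = 'Installed software'
       Path     = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
       Property = 'DisplayName', 'DisplayVersion', 'InstallDate' },
    @{ Category = 'Network profiles'
       Path     = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles\*'
       Property = 'ProfileName', 'Description' },
    @{ Category = 'User profiles'
       Path     = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\*'
       Property = 'ProfileImagePath' }
)

foreach ($a in $artifacts) {
    "== $($a.Category) =="
    # The hashtable keys match the function's parameter names, so it can be splatted.
    Get-RegistryArtifact @a | Format-Table -AutoSize | Out-String
}
```

Redirecting the output to a file gives a record of what each key contained at the time of examination.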