Chapter 17 Digital Evidence on Windows Systems

Eoghan Casey

Given the popularity of Microsoft Windows, digital investigators will encounter these systems as sources of digital evidence in the majority of cases. As a result of its prevalence, powerful commercial forensic tools have been developed to facilitate the forensic examination of Windows systems. Although these tools can be used by individuals with limited knowledge and experience to perform complex operations, they are not a substitute for knowledge and experience. In addition to being familiar with the tools and techniques for acquiring and examining digital evidence from a computer running Microsoft ...

Get Digital Evidence and Computer Crime, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Digital Evidence and Computer Crime, 3rd Edition by

Chapter 17

Digital Evidence on Windows Systems

Contents

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly