Skip to Main Content
Digital Forensics and Incident Response - Third Edition
book

Digital Forensics and Incident Response - Third Edition

by Gerard Johansen
December 2022
Intermediate to advanced content levelIntermediate to advanced
532 pages
13h 54m
English
Packt Publishing
Content preview from Digital Forensics and Incident Response - Third Edition

Appendix

There is a significant number of Windows Event Log types available to IT and security professionals. This Appendix includes the most critical events that pertain to security and incident investigations and have been provided as a reference.

Event ID

Event type

Primary use

Event log

21

Remote desktop services: session logon succeeded.

Event correlation, lateral movement, scoping

TerminalServices-LocalSession Manager/Operational

25

Remote desktop services: session reconnection succeeded.

Event correlation, lateral movement, scoping

TerminalServices-LocalSession Manager/Operational

102

This event is logged when the terminal services gateway service requires a valid Secure Sockets Layer (SSL)

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Digital Forensics and Incident Response - Fourth Edition

Digital Forensics and Incident Response - Fourth Edition

Gerard Johansen

Publisher Resources

ISBN: 9781803238678