Chapter 4

Operating the Proactive Incident Response Command Shell

Abstract

This chapter provides an overview of the proactive incident response command shell (PIRCS) software included with this book. The chapter provides an overview of the operational considerations for using PIRCS and an introduction to using the tool during live investigations.

Keywords

PIRCS; Mueller; Encryption; USB; SD card; NTFS; FAT32; DISKPART; Case; Screenshot; Install; Open case; Comments; Clean

Investigate: Word Origin

Early 16th century – from the Latin investīgātus, to search out or follow a trail.

Get Executing Windows Command Line Investigations now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.