O'Reilly logo

Mastering Windows Network Forensics and Investigation, 2nd Edition by Scott Pearson, Ryan Johnson, Steve Bunting, Steven Anson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8

The Registry Structure

The Windows registry is a vast hierarchical database of operating system, program, and user settings. It is also a relatively obscure Windows feature in which the user rarely has any direct interaction. The Windows registry contains information that is significant for the investigators, incident responders, and forensic analysts or anyone conducting network investigations. Accordingly, to access this information and interpret its meaning, the network investigator must have a good understanding of the Windows registry.

In this chapter, you will learn to:

  • Understand the terms keys, values, and hive files, as well as understand how logical keys and values are mapped to and derived from physical registry hive files ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required