Mastering Windows Network Forensics and Investigation, 2nd Edition by Scott Pearson, Ryan Johnson, Steve Bunting, Steven Anson

Index

A

Abel tool. See Cain & Abel sniffer

aboutexaminer.htm file

access

file access events
vs. logon
System Volume Information folder

access control lists (ACLs)

access points

DHCP logs
rogue

access tokens

Accesses field

Account Domain field

file access
logon events
NTLM authentication

account logon events

early logs
Kerberos authentication
failed attempts
overview
retrieving administrative information
service tickets
successful logon evidence
vs. logon events. See also logons and logon events
NTLM authentication
summary
Terminal Services

account management events

evaluating
logs

Account Name field

Account Operators groups

accounts

domain
local
computer
domain environments
locking out
modified
multiple groups
user ...
