O'Reilly logo

Practical Digital Forensics by Richard Boddington

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 7. Windows and Other Operating Systems as Sources of Evidence

The majority of laptop, desktop, and network-based computers use Windows operating systems, and this chapter will describe this in some detail and provide a brief description of other operating systems that are commonly examined. The chapter will provide you with an understanding of the complexity and nature of information processed on computers that assists forensic examinations and facilitates the recreation of key events relating to the presence of digital evidence stored in a range of operating systems.

The chapter will look at:

  • The Windows Registry and system files and logs as a resource of digital evidence
  • Apple and other operating system structures
  • Remote-access and malware ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required