Windows Forensic Analysis DVD Toolkit, 2nd Edition by Harlan Carvey

Chapter 2. Live Response: Data Analysis

Solutions in this chapter:

▪ Data Analysis
▪ Summary
▪ Solutions Fast Track
▪ Frequently Asked Questions

Introduction

Now that you've collected volatile data from a system, the question becomes “How do I ‘hear’ what it has to say?” or “How do I figure out what the data is telling me?” Once you've collected a process listing, how do you determine which process, if any, is malware? How do you tell whether someone has compromised the system and is currently accessing it? Finally, how can you use the volatile data you've collected to build a better picture of activity on the system, particularly as you acquire an image and perform postmortem analysis?
The purpose of this chapter is to address these sorts of questions. What ...