Part 1:Windows OS Forensics and Lab Preparation
In this part of the book, we will give an overview of the Windows operating system and learn how this amazing operating system works. In addition to this, you will learn the basics of the digital forensics process and how to set up a digital forensics lab environment and start acquiring evidence using open source tools. Also, we will dive into understanding the process of forensic acquisition and carry out a deep-dive analysis of collected artifacts in a forensic manner.
This part contains the following chapters:
- Chapter 1, Introducing the Windows OS and Filesystems and Getting Prepared for the Labs
- Chapter 2, Evidence Acquisition
- Chapter 3, Memory Forensics for the Windows OS
- Chapter 4, The Windows Registry
- Chapter 5, User Profiling Using the Windows Registry
