Bruce Nikkel App_forensic_artifacts.pdf
Bruce Nikkel App_forensic_artifacts.pdf
Bruce Nikkel App_forensic_artifacts.pdf
15
0.0 (0)
Kartei Details
Karten | 15 |
---|---|
Sprache | English |
Kategorie | Informatik |
Stufe | Universität |
Erstellt / Aktualisiert | 20.06.2019 / 01.07.2020 |
Lizenzierung | Keine Angabe |
Weblink |
https://card2brain.ch/box/20190620_bruce_nikkel_appforensicartifacts_pdf
|
Einbinden |
<iframe src="https://card2brain.ch/box/20190620_bruce_nikkel_appforensicartifacts_pdf/embed" width="780" height="150" scrolling="no" frameborder="0"></iframe>
|
Name some common user applications.
- web browser
- email client
- office suite
- file managers
- media players
- photo / piv vieweres/managers
- social media apps, cloud sync/connect apps
name some examples of professional applications that leave artifacts
- financial software
- company developted fat clients
- scientific, engineering apps
- industrial control apps
what are some special intrest apps that leave traces?
- bitcoin wallets and clients
- file-sharing apps
- TOR clients
- hack/crack/exploit tools
- malware binaries
application forensic analysis involves the examination of what?
Application forensic analysis involves examination of:
- installation date, last used
- configuration, plugins, user preferences
- log data, and audit trails
- persistent data (cookies, cache, objects, recents [eg. recent files in word])
- user activity over time
- application data/content
- additional application meta-data in data/content
- abuse or misuse of an application
- correlate timestamps with other times (logs,physical access logs, CCTV, etc)