Registry Keys Forensic Analysis

For Windows OS, Registry keys are extensively used for forensic analysis; do we have similar information in UNIX or Macintosh OSes?

© BrainMass Inc. brainmass.com March 22, 2019, 3:43 am
https://brainmass.com/computer-science/computer-systems-organization/registry-keys-forensic-analysis-629767

Solution Preview

Please see attached document

For Windows OS users, UNIX or Linux operating systems might seem intimidating to use because of the different interface and design, and this can be no different for the digital evidence examiner who is not familiar with a UNIX system. If an examiner is commonly using Windows, he/she would be quite conversant with Registry keys and their importance in forensic analysis; however, UNIX or Macintosh operating systems clearly do not have Registry keys to investigate. Much of the configuration of the system and the changes are recorded in log files that can be viewed for examination.

In Windows, the registry is formed when the operating system starts up with the loading of two files, namely system.dat and user.dat. Information starts to pour into these files ...

Solution Summary

For Windows OS, Registry keys are extensively used for forensic analysis; there is similar information in UNIX or Macintosh operating systems.
