Question

List three pieces of information that can be recovered from the registry and the significance or value of that information to

0 0
Add a comment Improve this question Transcribed image text
Answer #1

Hi,

Please find the answer below:
-----------------------------------------

Windows Registry contains important information regarding the Windows 10 operating system. It is like a tree-like structure database that stores information about:

  • Installed Software/ programs on the computer.
  • User profiles & User settings of the users on the machine.
  • User Activity.

The registry has five root hives. Each hive contains keys. Each key in the tree can store data value or other keys.

  1. HKEY_CLASSES_ROOT
  2. HKEY_CURRENT_USER
  3. HKEY_LOCAL_MACHINE
  4. HKEY_USERS
  5. HKEY_CURRENT_CONFIG

Name Type Data Registry Editor File Edit View Favorites Help Computer Computer HKEY_CLASSES_ROOT HKEY_CURRENT_USER HKEY_LOCAL

How to launch the Windows Registry.

Open Windows prompt or Search prompt

We can launch the registry editor by typing regedit in the search prompt.


Forensic experts can either export the dump or use third-party applications to investigate the registry information. When the registry data is analyzed carefully, forensic experts can get vital information about the machine state, user activity, programs installed on the machine; for example any malicious programs installed, etc. Using Windows the forensic expert can get crucial and various different information about the machine at the time of the crime.

For example to know the wallpaper of the machine:

Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Wallpapers

USB used to connect to the computer:

Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\USBSTOR


-----------------------------------------

Let me know if you need more help with this.
Hope this helps.

Add a comment
Know the answer?
Add Answer to:
List three pieces of information that can be recovered from the registry and the significance or...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions
  • 1. Types of volatile information that can be recovered during a live response are: Command history...

    1. Types of volatile information that can be recovered during a live response are: Command history Process memory Cloud storage Jump lists Network connections 2. Mike informs you that he visited one website, then immediately thereafter was put onto an entirely different website. What HTTP response is most likely? 500 HTTP Response 100 HTTP Response 300 HTTP Response 400 HTTP Response 3. Android and iOS devices store app data in _________ format. This evidence can be viewed with the Firefox...

  • Question (6) (15 Marks) A. List and describe FOUR (4) key pieces of information a designer needs ...

    Question (6) (15 Marks) A. List and describe FOUR (4) key pieces of information a designer needs to B. Describe the challenges a design engineer would experience working with a C. Outline and describe THREE (3) tools that could be used to facilitate the communicate to the manufacturing team to realize a product manufacturing team that speaks a different language communication process between the design and manufacturing team if they spoke different languages? Question (6) (15 Marks) A. List and...

  • List three ways that a company can price discriminate, and briefly explain how each behavior could...

    List three ways that a company can price discriminate, and briefly explain how each behavior could increase profits for the company. (6 pts) HTML Editora B I VA - A - I E321 X X, SE V JDT 12pt Paragra Films On Demand (2.0)

  • What are other forensic pieces of data that can be found in Windows, Linux and MacOS?...

    What are other forensic pieces of data that can be found in Windows, Linux and MacOS? What other free/open source utilities can you find to help retrieve data/information from the discussed operating systems? Are there any other utilities that you can find that can help with mobile device security? Spend some time researching mobile device security and test the utilities you find. Provide a brief write up about each one. In the write up make sure to include your thoughts/opinions...

  • Choose the correct definition of significance level from the list below. A significance level is Option...

    Choose the correct definition of significance level from the list below. A significance level is Option 1 and 5 are WRONG Choose the correct definition of significance level from the list below A significance level is the probability of failing to reject the null hypothesis when the alternative hypothesis is true. the minimum acceptable chance of making a type I error. O the probability that an event occurred as a result of a causative factor rather than by chance. the...

  • What is the total number of electrons that can occupy the 5f orbitals? List all the...

    What is the total number of electrons that can occupy the 5f orbitals? List all the possible quantum numbers sets [n,I,mI,ms] 75 Question 32 What is the total number of electrons that can occupy the forbitals? List all the possible quantum numbers sets. Inim, m.] E BIVAN IEE 2 T L 12pt * - Paragraph , - MacBook Pro oni w F option

  • 2. a) Describe the three methods for equalizing information in order to reduce information asymmetries. List...

    2. a) Describe the three methods for equalizing information in order to reduce information asymmetries. List an example for each. b) List two ways an uninformed party can restrict the ability of informed party to take advantage of hidden information. Z c) Can firms profitably price discriminate if there are information asymmetries? Explain.

  • How can information relating to work roles and organisational policies be disseminated? List and describe three...

    How can information relating to work roles and organisational policies be disseminated? List and describe three methods.

  • 1. Choose one of the radioisotopes from the list or find a radioisotope that is not...

    1. Choose one of the radioisotopes from the list or find a radioisotope that is not on the list but interests you. 2. Using your book and Internet resources, find five interesting pieces of information on the radioisotope you selected. Suggested pieces of information may include: -How is the radioisotope formed in nature (type of decay)? -Risks associated with the radioisotope -Number of subatomic nucleons present -Stability of the radioisotope -How this radioisotope is used. -Is the radioisotope used as...

  • List three important components of a voltiac cell and explain the purpose of those components. Please...

    List three important components of a voltiac cell and explain the purpose of those components. Please try to keep this short and succinct. HTML Editora B I VA - A - Ix E : 2 x? TT T 12pt Х. O words

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT