Completed Coursework
Below are the highlights of the coursework I have completed pertaining to Digital Forensics and Incident Response (DFIR). You can navigate the assignments with the table of contents above.
System Artifacts and Activities Analysis
This digital forensics analysis report encompasses a comprehensive investigation into various artifacts extracted from a system, including Recycle Bin files, scheduled tasks, event logs, and prefetch files. Through meticulous parsing and analysis using tools such as $I Parse, Evtx Explorer, and PECmd, specific questions regarding the system’s history, activities, and configurations are answered. The report provides insights into the types of files present in the Recycle Bin, details about scheduled tasks and their configurations, event log entries including user activities and system events, and program executions captured in prefetch files. This thorough examination aids in understanding the system’s usage patterns, potential security incidents, and alterations made to the system over time, facilitating digital forensic investigations and incident response efforts.