Infosec - Windows Registry Forensics
- Offered byCoursera
Windows Registry Forensics at Coursera Overview
Duration | 8 hours |
Total fee | Free |
Mode of learning | Online |
Difficulty level | Intermediate |
Official Website | Explore Free Course  |
Credential | Certificate |
Windows Registry Forensics at Coursera Highlights
- Reset deadlines in accordance to your schedule.
- Shareable Certificate Earn a Certificate upon completion
- 100% online Start instantly and learn at your own schedule.
- Course 3 of 3 in the Computer Forensics Specialization
Windows Registry Forensics at Coursera Course details
- The Windows Registry Forensics course shows you how to examine the live registry, the location of the registry files on the forensic image, and how to extract files.
Windows Registry Forensics at Coursera Curriculum
Introduction to the Windows Registry
What is the Registry and why is it important
Structure of the Windows Registry
Preparing to Examine the Windows Registry
Viewing the Registry with RegEdit
Software needed to examine the Registry
Locating the registry files within the Windows file system
Locating and interpreting the registry values
NTUser.Dat Hive File Analysis
Recent Docs
Typed URLs
UserAssist
Recent Apps
Run and Run Once
ComDig32 Subkey
Typed Paths Subkey
Microsoft Office applications and the MRU subkey
Windows search function and the WordWheel query
SAM Hive File
SAM hive file
Security Identifiers
User Accounts (RIDS)
Password Hashes
Other Types of User Accounts
Software Hive File
Software File Subkeys of Interest
Network List Subkey
Connected Devices
System Hive File
System File Subkeys of Interest
USB Device Forensics
AppCompat Cache and Background Activities Monitor
USRClass.dat Hive File
Shellbags
MuiCache and Managed By App Sub-Keys
AmCache Hive File
AmCache Hive File SubKeys of Interest
AmCache Parser.exe Demo
Windows Registry Forensics Quiz
Other courses offered by Coursera
Student Forum
Anything you would want to ask experts?