User talk:Priyadharshan Tamil Arasu

Your submission at Articles for creation: sandbox (June 23)
 Your recent article submission to Articles for Creation has been reviewed! Unfortunately, it has not been accepted because it included copyrighted content, which is not permitted on Wikipedia.

You are welcome to write an article on the subject, but please do not use copyrighted work.


 * User:Priyadharshan Tamil Arasu/sandbox may be deleted at any time unless the copied text is removed. Copyrighted work cannot be allowed to remain on Wikipedia.
 * If you need any assistance, you can ask for help at the or on the.
 * You can also use Wikipedia's real-time chat help from experienced editors.

Roger (Dodger67) (talk) 20:04, 23 June 2017 (UTC)

Windows live response
Windows live response for collecting and analyzing forensically sound evidence.

Sometimes your victim cannot afford to remove the system or the only evidence of the incident may currently be in memory. Either way, a standard forensic duplication is impossible. This chapter will address a technique for collecting and analyzing forensically sound evidence from what is known as the Live Incident Response Process.

What do we do?

Initially, as a security analyst, photograph the computer screen, record the current system time, and note this against an accurate time source.

Begin data acquisition in order of volatility (OOV):

• Physical memory, open files, open network connections, swap space

• Encrypted file systems where you do not have the key to unlock

• Temporary file systems.

Record the current system time twice, and the message digest of the gathered evidence, using the tools Helix, netcat and cryptcat. http://www.brimorlabsblog.com/2015/09/introducing-windows-live-response.html
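The two time records and the message digests described above can be kept together in one manifest. The following is an added example, not part of the original post or of the linked tool; it assumes the evidence has already been received into a directory on the analyst's workstation, and all function names and sample files are hypothetical.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timezone

def sha256_file(path, chunk=1 << 20):
    """Stream a file through SHA-256 so a large memory image is never loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def utc_now():
    return datetime.now(timezone.utc).isoformat(timespec="microseconds")

def build_manifest(evidence_dir, time_note):
    """Record the time before and after hashing every received evidence file."""
    manifest = {"time_note": time_note, "time_start_utc": utc_now(), "files": {}}
    for root, _dirs, names in os.walk(evidence_dir):
        for name in sorted(names):
            path = os.path.join(root, name)
            rel = os.path.relpath(path, evidence_dir)
            manifest["files"][rel] = {"size": os.path.getsize(path),
                                      "sha256": sha256_file(path)}
    manifest["time_end_utc"] = utc_now()
    return manifest

def verify_manifest(evidence_dir, manifest):
    """Return the files that are missing or whose digest no longer matches."""
    bad = []
    for rel, meta in manifest["files"].items():
        path = os.path.join(evidence_dir, rel)
        if not os.path.isfile(path) or sha256_file(path) != meta["sha256"]:
            bad.append(rel)
    return sorted(bad)

def demo():
    """Constructed sample: two small stand-in files, one altered after hashing."""
    samples = (("memory.img", b"\x00" * 4096),
               ("netstat.txt", b"TCP 0.0.0.0:445 LISTENING\n"))
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples:
            with open(os.path.join(d, name), "wb") as f:
                f.write(data)
        m = build_manifest(d, "constructed note: screen clock vs reference clock")
        with open(os.path.join(d, "netstat.txt"), "ab") as f:
            f.write(b"altered after collection\n")
        return m, verify_manifest(d, m)
```

Store the manifest away from the evidence directory, for example on write-once media, so that a later verification run compares against digests the evidence holder could not have changed.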