Week 1: The Windows Registry
Name:
Semester:
Year:
Section Number:
Lab 1 Worksheet Digital Forensics
Technology and Practices
Table of Contents
Introduction……………………………………………………………………………………………………………………………………………2
Screenshot 1 – Creating Your First Name Account……………………………………………………………………………………….3
Screenshot 2 – Create a YOURNAME User account………………………………………………………………………………………4
Screenshot 3 – Create a YOURNAME Service……………………………………………………………………………………………….5
Screenshot 4 – Add Yourname.EXE to the Starup Folder for Administrator……………………………………………………..6
Screenshot 5 – Your First Folder with the Registry Files with Date Modified……………………………………………………7
Screenshot 6– Windows Computer Name Date Pulled from the Registry………………………………………………………..8
Screenshot 8– Yourname Service Pulled from the Registry……………………………………………………………………………9
Screenshot 8 – SAM (Security Accounts Manager) with Yourname……………………………………………………………….10
Screenshot 9 – Access the Startup Folder………………………………………………………………………………………………….11
Screenshot 10 – Autoruns with Yourname. EXE running at Startup………………………………………………………………12
Conclusion……………………………………………………………………………………………………………………………………………13
APA References……………………………………………………………………………………………………………………………………..14
1
Semester:
Year:
Section Number:
Lab 1 Worksheet Digital Forensics
Technology and Practices
Table of Contents
Introduction……………………………………………………………………………………………………………………………………………2
Screenshot 1 – Creating Your First Name Account……………………………………………………………………………………….3
Screenshot 2 – Create a YOURNAME User account………………………………………………………………………………………4
Screenshot 3 – Create a YOURNAME Service……………………………………………………………………………………………….5
Screenshot 4 – Add Yourname.EXE to the Starup Folder for Administrator……………………………………………………..6
Screenshot 5 – Your First Folder with the Registry Files with Date Modified……………………………………………………7
Screenshot 6– Windows Computer Name Date Pulled from the Registry………………………………………………………..8
Screenshot 8– Yourname Service Pulled from the Registry……………………………………………………………………………9
Screenshot 8 – SAM (Security Accounts Manager) with Yourname……………………………………………………………….10
Screenshot 9 – Access the Startup Folder………………………………………………………………………………………………….11
Screenshot 10 – Autoruns with Yourname. EXE running at Startup………………………………………………………………12
Conclusion……………………………………………………………………………………………………………………………………………13
APA References……………………………………………………………………………………………………………………………………..14
1
Introduction
Students: In the box below, please explain the purpose of using the Windows Registry and
explain how it is relevant to Digital Forensics Technology and Practices.
Introduction
2
Students: In the box below, please explain the purpose of using the Windows Registry and
explain how it is relevant to Digital Forensics Technology and Practices.
Introduction
2
Screenshot 1 – Your First Name Computer Name
1. Your First Name in the Computer Name Box. The Name of the computer should be your first name.
The use of anyone else’s name may result in an academic integrity review by your professor. Please
label your screenshot to receive full credit.
Take a screenshot of the Yourname being used in the computer name.
3
1. Your First Name in the Computer Name Box. The Name of the computer should be your first name.
The use of anyone else’s name may result in an academic integrity review by your professor. Please
label your screenshot to receive full credit.
Take a screenshot of the Yourname being used in the computer name.
3
Screenshot 2 – Create a YOURNAME User account
2. The Name of the User created should match your first name. The use of anyone else’s
name may result in an academic integrity review by your professor. Please label your
screenshot to receive full credit.
Take a screenshot of the Yourname user account being create at the command line.
4
2. The Name of the User created should match your first name. The use of anyone else’s
name may result in an academic integrity review by your professor. Please label your
screenshot to receive full credit.
Take a screenshot of the Yourname user account being create at the command line.
4
Screenshot 3 – Create a YOURNAME Service
3. The Name of the Service created should match your first name. The use of anyone else’s
name may result in an academic integrity review by your professor. Please label your
screenshot to receive full credit.
Take a screenshot of the Yourname being used in the Service being Created on Windows.
Screenshot 4 – Add Yourname.EXE to the Startup Folder for Administrator
5
3. The Name of the Service created should match your first name. The use of anyone else’s
name may result in an academic integrity review by your professor. Please label your
screenshot to receive full credit.
Take a screenshot of the Yourname being used in the Service being Created on Windows.
Screenshot 4 – Add Yourname.EXE to the Startup Folder for Administrator
5
4. The Name of the file should be your first name. The use of anyone else’s name may
result in an academic integrity review by your professor. Please label your screenshot to
receive full credit.
Take a screenshot of the Yourname being used in the startup folder for the administrator
Screenshot 5 – Your First Folder with the Registry Files with Date Modified
6
result in an academic integrity review by your professor. Please label your screenshot to
receive full credit.
Take a screenshot of the Yourname being used in the startup folder for the administrator
Screenshot 5 – Your First Folder with the Registry Files with Date Modified
6
$20.00