Recovering Digital Evidence in a Cloud Computing Paradigm
12.07.2013 Views
Share Embed Flag

Recovering Digital Evidence in a Cloud Computing Paradigm

Recovering Digital Evidence in a Cloud Computing Paradigm

Recovering Digital Evidence in a Cloud Computing Paradigm

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
computer.forensics.sans.org

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Where To F<strong>in</strong>d The <strong>Evidence</strong><br />

• Pagefile.sys<br />

– Used as “virtual memory” – data is paged <strong>in</strong> and<br />

out of the pagefile as needed<br />

– Even on systems with a large amount of RAM,<br />

Microsoft recommends to keep the pagefile<br />

enabled<br />

– Also a great source for volatile artifacts<br />

– Many artifacts that are found <strong>in</strong> RAM only can<br />

also make their way <strong>in</strong>to the pagefile

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!