Introduction to Windows Baseline¶
Windows Baseline Module will cover the basics of baselining within the Windows environment as well as enumeration concepts within Windows.
Into Video to Local Enumeration
Objectives¶
- Understand Windows Baselining and Enumeration
- Understand Order of Volatility
- Understand Common Surveying Commands
- Discuss common survey response tools
- Discuss common triage logs and artifacts
TLO Knowledge and Skills¶
Conditions:¶
- Given a classroom, applicable references, and a practical exercise, the Cyber Mission Force, students will demonstrate an understanding of Windows Enumeration and Baselining.
Knowledge¶
- Evidence Acquisition
- Order of Volatility
- Chain of Custody
- Common Survey Commands
- Common Survey Response Tools
- Common triage logs and artifacts
- Enumeration Information
Skills:¶
- Discuss the enumeration process of a windows device.
- Discuss the common commands used to conduct a windows survey.
- Conduct an Enumeration Baseline of a windows device.
- Discuss the steps after a windows survey.
- Discuss Chain of Custody concepts.
- Describe the order of volatility in relation to collecting evidence.
- List actions to avoid while conducting a survey.