Pau Lo
asked on
encryption, virtual, software inventory
is there any functionality in encase or any other free tools to:
Our IT want to scan each PC sent in for scrap for the above 3 and want to know any free tools that could be used to idenitfy such , or any functionality to find such in encase (got a copy of v4 and v6). Can be used to scan the E01 or mount the drive with addtional tools that we may need to purchase.
inventory all software/hardware on the PC in a nice report format
identify any virtual machines on the PC
identify any encrypted volumnes/containers on the PC
identify any virtual machines on the PC
identify any encrypted volumnes/containers on the PC
Our IT want to scan each PC sent in for scrap for the above 3 and want to know any free tools that could be used to idenitfy such , or any functionality to find such in encase (got a copy of v4 and v6). Can be used to scan the E01 or mount the drive with addtional tools that we may need to purchase.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks, but say once you have a PC imaged and ready for analysis, do you follow a workflow then?
In terms of what analysis and searches you do first? I have searched and searched and cant find any typical workflow of what kind of searches/analysis people do in encase from start of inventigation to end. Say for example the classic case of bringing in inappropriate vids to watch at work, what would your workflow be for that? Or allegations of misuse of internet facility, what would your workflow be for that, or internal email harassment, what would your workflow be for that?
In terms of what analysis and searches you do first? I have searched and searched and cant find any typical workflow of what kind of searches/analysis people do in encase from start of inventigation to end. Say for example the classic case of bringing in inappropriate vids to watch at work, what would your workflow be for that? Or allegations of misuse of internet facility, what would your workflow be for that, or internal email harassment, what would your workflow be for that?
ASKER
Im guessing nowadays one of the first checks is to inventorise installed software, identify virtual machines, encrypted file containers etc - there must be a logical flow people follow on each case though, i.e. once a device is imaged and in a stage where it can be audited, where do people start and why - what searches are done first and why do they take priority etc.
ASKER
be interested in what falls into high level analysis and what falls into detailed analysis also. Sorry for all the questions.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
>>software installed
How are you getting such a list? What tool/script are you using?
How are you getting such a list? What tool/script are you using?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER