DFIR

Across
  1. Pieces of evidence that point to an activity performed on a system
  3. Digital Forensics & Incident Response
  4. An advanced open-source endpoint monitoring, digital forensic and cyber response platform. It provides the ability to respond more effectively to a wide range of digital forensic and cyber incident response investigations and data breaches. Its icon is a dog
  7. A group of keys, subkeys, and values stored in a single file on the disk
  9. An advanced, open-source endpoint tool used as a monitoring and response platform; its icon is a dinosaur
Down
  2. A utility that takes a registry hive as input and outputs a report that extracts data from some of the forensically important keys and values in that hive
  5. It is created chronologically to understand exactly what happened in an incident
  6. A tool used for non-volatile memory to acquire evidence; it is small in size and can send data to a remote system
  7. A hive that contains configuration information particular to the computer
  8. Kroll Artifact Parser & Extractor