University of Maryland University College Computer Forensic Tools Discussion by ella | Mar 17, 2023 | Uncategorized Description1) The AccessData Registry Viewer, allows the registries of any computer to be viewed. Registry Viewer can access the protected storage of a registry which can contain information such as passwords and usernames. Three views are offered in Registry Viewer: Full Registry view, Common Areas view, and Report view.As the name suggests, the Full Registry view displays all of the registry’s files contents. The Common Areas view can be used to display only the sections where significant data likely resides. The Report view displays user selected registry entries (keys). Keys may contain subkeys and subkeys may have subkeys.All views have Key Properties and Hexadecimal viewers which are detail panes. Property values of a key are displayed in the Key Properties viewer. Values that are selected are displayed in hexadecimal format in the Hexadecimal viewer.Registry Viewer gives the user the ability to generate reports. Reports can be created in the form of a HTML report file which contains the selected keys and any information associated with the keys, a File-types report which contains the file-type information located in the open registry, or a summary report which allows the user to create summary report definitions by adding individual key values to the definition and/or group key definitions into sections so they appear together under a specified section (AccessData, 2014).2) The Forensics Toolkit (FTK) is a worldwide recognized forensic tool and is used by the private industry, as well as government agencies. The most interesting feature to me available in FTK would be the various the reporting tool. My least favorite part of any activity is writing the report at the end. With FTK, the automated report generation and multiple available reporting templates can simplify and streamline reporting for an investigator.Using FTK holds many advantages to include the ability for forensic examiners to analysis different sources through a simple user interface, the ability for quick searches, EFS decryption, compatibility with multiple platforms to include Windows and Linux, and the utilization of a database allowing for easier collaboration between team members (Access Data, n.d.). Comparatively to other popular forensic tools, FTK requires less training with an intuitive GUI, making this tool more user friendly (Manson et al., 2007). With this, FTK may appear to be more user friendly to new forensic analysts and new users.The disadvantages of FTK include a longer importing process and is less customizable when compared to popular toolkits like EnCase (Manson et al., 2007). The longer importing process may result in reduced time for an investigator to conduct analysis if placed in a situation with time constraints.”Place your order now for a similar assignment and have exceptional work written by our team of experts, guaranteeing you A results.”
