
Windows Responders Guide

Windows Responders Guide (PDF, 2.18MB)
Published: 14 Jul, 2003
Created by Koon Tan

When a system encounters an incident, the case must be handled properly to gather evidence and investigate the cause. Initial response is the stage where preliminary information is gathered to determine whether there has been any breach of security and, if so, the possible causes. This paper provides a first responder's guide to handling incidents that occur on a Windows platform system. We discuss the issues one needs to consider during the initial response stage. Critical evidence needs to be protected and gathered during this stage, so we discuss the tools that can be used to gather the necessary evidence and how to collect it appropriately. Finally, we explore the areas one needs to look out for when investigating the collected evidence.