Top Ad unit 728 × 90

Latest News

random

Daily Blog #664: Sunday Funday 4/5/20



Hello Reader,
          I hope your ready, Sunday Funday's are back and we are going to challenge you. I'm continuing the trend from last year of making the challenges a week long and with everyone home now I hope you can find a good use of some time here. So let's see what you can do and how we can help the community with your research in this weeks windows execution artifact challenge.



The Prize:
$100 Amazon Giftcard

The Rules:

  1. You must post your answer before Friday 4/10/20 7PM CST (GMT -5)
  2. The most complete answer wins
  3. You are allowed to edit your answer after posting
  4. If two answers are too similar for one to win, the one with the earlier posting time wins
  5. Be specific and be thoughtful
  6. Anonymous entries are allowed, please email them to dlcowen@gmail.com. Please state in your email if you would like to be anonymous or not if you win.
  7. In order for an anonymous winner to receive a prize they must give their name to me, but i will not release it in a blog post


The Challenge:
We've all heard of the BAM key by now, located in SYSTEM\\services\bam, but what are the limitations? Answer the following questions:
1. What types of programs are not logged in BAM?
2. Are there any paths excluded from BAM?
3. What can cause a program to no longer be listed in the BAM key?
4. When does the BAM get updated?
5. What can update the BAM timestamp?

Daily Blog #664: Sunday Funday 4/5/20 Reviewed by David Cowen on April 05, 2020 Rating: 5

No comments:

All Rights Reserved by Hacking Exposed Computer Forensics Blog © 2014 - 2020
Powered By Blogger, Designed by Sweetheme

Contact Form

Name

Email *

Message *

Powered by Blogger.