This article has been indexed from CSO Online
The recent cybersecurity symposium that aimed to “prove” the 2020 US election was a fraud made headlines not because of evidence found, but rather the absence of evidence. As I watched the three-day event, it reminded me how unknown most of the technology behind computers is. A bit of disclosure: While I’ve analyzed computer systems and even testified in court about them, I would not consider myself an expert in all forensic circumstances. I can authoritatively discuss what a Windows event log looks like, but if I’m looking at a software that I’m not familiar with, I don’t know what its “normal” looks like.
Read the original article: How Windows admins can get started with computer forensics