One of the commonly recommended solutions to increase the security of user accounts in the on-premise Active Directory is to require two-factor authentication using Smart Cards. Not everyone knows that Windows Smart Card implementation has undergone a significant change years ago that has not been clearly reflected in the publicly available documentation. Since Public Key Infrastructure (PKI) security is not a typical piece of knowledge, therefore many enterprises may be at risk.

To a computer forensics expert like Paula Januszkiewicz, Windows Prefetch files are a virtual treasure trove that can reveal not only what has happened on an operating system but when it took place. In this brief tutorial, Paula shares the tool and method needed to unlock the contents of these digital artifacts.

Corrupted log files create a serious issue for administrators and digital forensic experts who need to view their contents. In this tutorial by cybersecurity expert Paula Januszkiewicz, you’ll learn how to recover corrupted EVTX log files and how to access logs that are processed in the memory and make them readable.