RAM, short for Random Access Memory, is physical hardware that temporarily stores data for quick read and write access. Think of RAM as a scratch pad you use while working; although all the information you need and may refer to is stored in a binder (in this analogy, your hard drive), the information on the scratch pad is what you are using and need right in the moment. With RAM, it is right there for you to access. While RAM helps with the speed and efficiency of the computer, it can all be lost in an instant as it is volatile.
How to Conduct a Live Forensic Scan of a Windows Computer
February 22, 2019
Learn how to conduct a Windows live scan with ADF Solutions Digital Evidence Investigator. Two USB ports are required to complete a scan, one for the Collection Key and one for the Authentication Key, once the scan has started the Authentication Key can be removed. A USB hub may be used in cases where the target computer only has one USB port.
When running a live scan from a Collection Key it is possible to create a RAM dump of the computer. RAM dumps can then be analyzed with appropriate software (e.g. Volatility).
Get Triage & Digital Forensic News (once a month)
Posts by Tag
- Digital Forensics (77)
- Digital Evidence Investigator (59)
- Law Enforcement (57)
- Triage-Investigator (41)
- How To Video (40)
- United States (39)
- Mobile Device Investigator (36)
- Triage-G2 (35)
- Computer Forensics (33)
- ICAC Task Force (29)
- Crimes Against Children (28)
- Digital Evidence (26)
- Forensic Analysis (25)
- Forensic Triage (23)
- Cyber Crime (22)
- DEI PRO (22)
- Project Vic (22)
- Triage (22)
- CAID (17)
- ICAC (17)
- Mobile Forensics (17)
- Cyber Forensics (15)
- Forensic Software (15)
- Mobile Device Forensics (15)
- Triage-Investigator PRO (15)
- AllinForensics (14)
- Child Exploitation (14)
- Triage-G2 PRO (12)
- United Kingdom (12)
- Sheriff (11)
- iOS Forensics (11)
- Custom Search Profiles (10)
- Digital Media Investigator (10)
- Early Case Assessment (10)
- High Tech Crime (10)
- Police (10)
- RAM Capture (10)
- Military (9)
- Military Police (9)
- Android Forensics (8)
- Canada (8)
- Field Forensics (8)
- IIOC (8)
- Search Profiles (8)
- Apple Mac Forensics (7)
- Culture Code (7)
- Forensic Training (7)
- Hash Sets (7)
- Internet Investigation (7)
- forensics (7)
- technology (7)
- Computer Forensic Lab (6)
- Digital Devices (6)
- Project VIC UK (6)
- APFS (5)
- Counter Terrorism (5)
- Cybersecurity (5)
- DOMEX (5)
- Entity Extraction (5)
- Forensic Science (5)
- Human Trafficking (5)
- IPOC (5)
- Mobile Triage Kits (5)
- Prosecutors (5)
- Austrialia (4)
- BitLocker (4)
- Boot Scan (4)
- Classifier (4)
- DFIR (4)
- District Attorney (4)
- Force Protection (4)
- Griffeye (4)
- Site Exploitation (4)
- Special Forces (4)
- Special Operations (4)
- Standalone Viewer (4)
- White Collar Crime (4)
- ADF Authorized Partner (3)
- Careers (3)
- Digital First Responder (3)
- Forensic Artifacts (3)
- Government (3)
- IT Security (3)
- Incident Response (3)
- Interpol (3)
- Language Gisting (3)
- Microsoft Windows Forensics (3)
- Photo Forensics (3)
- Thumbcache Images (3)
- Translation (3)
- iOS (3)
- mobile device (3)
- Anti-Forensic Traces (2)
- Anti-Terrorism (2)
- Basic Computer Forensic Examiner (2)
- Certified Forensic Computer Examiner (2)
- Collection Key (2)
- Detective (2)
- Drone Forensics (2)
- Economic Crime (2)
- Europe (2)
- Financial Crime (2)
- IACIS (2)
- IT Forensics (2)
- Identity Operations (2)
- Live Scan (2)
- Microsoft (2)
- Rosoka Add-on (2)
- Security (2)
- BCFE (1)
- CFCE (1)
- Certified Forensic Examiner (1)
- Constable (1)
- Data Analytics (1)
- Data Decryption (1)
- Digital Forensic Imaging (1)
- Expert Witness Format (1)
- FLETC (1)
- Forensic Accounting (1)
- Forensic Hardware (1)
- Forensic Lab Solutions (1)
- Forward Operator (1)
- Information Security (1)
- Insider Threat (1)
- SDVOSB (1)
- Singapore (1)
- South Africa (1)
- Technology Partner (1)
- United Arab Emirates (1)
- Video Forensics (1)
Recent Posts
