data leakage case #7, last logon user
Forensic/CFReDS-Data Leakage Case2018. 8. 10. 21:32
https://www.cfreds.nist.gov/data_leakage_case/data-leakage-case.html
#7. Who was the last user to logon into PC?
#3 참고.
다음의 레지스트리 경로에 마지막으로 로그온한 유저 정보가 있다.
HKLM\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI
LastLoggedOnUser : informant
'Forensic > CFReDS-Data Leakage Case' 카테고리의 다른 글
| data leakage case #9, network interface with IP (0) | 2018.08.10 |
|---|---|
| data leakage case #8, last shutdown date/time (0) | 2018.08.10 |
| data leakage case #6, all accounts list (0) | 2018.08.10 |
| data leakage case #5, computer name (0) | 2018.08.10 |
| data leakage case #4, timezone (0) | 2018.08.10 |
