|
Responder™ Field 当下,如果你还没有进行存储分析,也没有做个全面的调查,那么小心在法庭上的失利,因为你没有执行具体的电脑调查。包括记忆保存,分析和报告。记忆保存 Preservation of Windows Physical Memory and Pagefile FastDump Pro enables investigators and security analysts to easily "freeze the live memory" on workstations and servers. Pagefile acquisition support, 64-bit support, FastDump Pro also provides process probing, compression, speed upgrades, and nearly 100% reliable memory-page queries for systems with more than 4GB of RAM. Memory Analytics Responder FE provides the most thorough and comprehensive memory analysis capability in the industry. Responder virtually rebuilds all the underlying data structures in RAM. This includes all physical to virtual address mappings, recreates the object manager, exposes all objects, and enables investigators to perform a complete and comprehensive computer investigation.
|
