Incident Response with EZTools - Document Creation and File Opening Evidence Acquisition

JumpList Explorer is bundled with EZTools. This tool is a GUI-based jump list viewer.

Jump Lists are lists of recently opened items, such as files, folders, or websites, organized by the program that you use to open them. Jump Lists don’t just show shortcuts to files. Sometimes they also provide quick access to commands for things like composing new email messages or playing music. You can use a Jump List to open items, and you can also pin favorites to a Jump List, so you can quickly get to the items that you use every day.

From an incident response perspective, the responder needs the ability and skill to triage quickly back to patient zero and to identify the cause, or the action performed, before the incident was detected.

During an incident, a file such as a text file or a document might be opened. To gather the resulting artifacts as evidence, responders need the right knowledge and tools.
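As an added example (not from the original article and not part of EZTools), the Python script below collects a user's Jump List files, hashes them and writes a manifest, so that the copies can be opened in JumpList Explorer. It assumes the standard per-user location `%APPDATA%\Microsoft\Windows\Recent` with its `AutomaticDestinations` and `CustomDestinations` subfolders; the function names and the manifest layout are hypothetical.

```python
import csv
import hashlib
import shutil
from datetime import datetime, timezone
from pathlib import Path

# Jump List stores under <profile>\AppData\Roaming\Microsoft\Windows\Recent
STORES = {
    "AutomaticDestinations": ".automaticdestinations-ms",
    "CustomDestinations": ".customdestinations-ms",
}

def sha256_of(path: Path) -> str:
    # Jump List files are small, so reading one whole is acceptable here.
    return hashlib.sha256(path.read_bytes()).hexdigest()

def collect_jumplists(recent_dir, evidence_dir):
    """Copy Jump List files into evidence_dir and return the manifest rows."""
    recent_dir, evidence_dir = Path(recent_dir), Path(evidence_dir)
    manifest = []
    for store, suffix in STORES.items():
        src_dir = recent_dir / store
        if not src_dir.is_dir():
            continue  # this profile has no such store
        dest_dir = evidence_dir / store
        dest_dir.mkdir(parents=True, exist_ok=True)
        for src in sorted(src_dir.iterdir()):
            if not src.is_file() or not src.name.lower().endswith(suffix):
                continue  # skip anything that is not a Jump List file
            digest = sha256_of(src)
            dest = dest_dir / src.name
            shutil.copy2(src, dest)  # copy2 keeps the last-modified time
            if sha256_of(dest) != digest:
                raise IOError(f"hash mismatch after copy: {src}")
            st = src.stat()
            manifest.append({
                "store": store,
                "app_id": src.name.split(".", 1)[0],  # file name prefix is the AppID
                "file": src.name,
                "size": st.st_size,
                "mtime_utc": datetime.fromtimestamp(st.st_mtime, timezone.utc).isoformat(),
                "sha256": digest,
            })
    if manifest:
        with (evidence_dir / "manifest.csv").open("w", newline="") as fh:
            writer = csv.DictWriter(fh, fieldnames=list(manifest[0]))
            writer.writeheader()
            writer.writerows(manifest)
    return manifest
```

The `app_id` column groups entries by the program that created them, which matches how Jump Lists are organized.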

 

LNK Files and Jump Lists

Jumplist-Part 1

Jumplist-Part 2