Windows
Linux
Mac OS
Registry
Linux Logs
100

A file system used initially with Windows, designed for small disks with simple folder structures. Stores all files at the beginning of the volume 

What is FAT? (File Allocation System)

100

Current file system that provides better scale and reliability than the previous file system and replaces the block mapping scheme to increase performance and reduce fragmentation.

What is Ext4?

Fourth Extended File System 

100

Name a parent OS that Linux and Mac OS are based on

What is UNIX?

100

Software and contains file extension association information and also programmatic identifier (ProgID), Class ID (CLSID), and Interface ID (IID) data. 

What is HKEY_CLASSES_ROOT?

100

All user level logs 

/var/log/user.log 

200

A high-performance, self-repairing file system with advanced features like file-level security, compression, and auditing. Supports larger and more powerful volume storage solutions like RAID. Can encrypt/decrypt data, uses 16-bit Unicode for multi-language support, maintains fault tolerance via a backup log file. Introduces concept of metadata and master file tables. Supports files up to 16GB. Uses MFT (relational database) for file attributes like size, time, date, permissions, and contents.

What is NTFS? 

New Technology File System 

200

Files not preserved between system reboots, and may be severely size restricted. 

What is /tmp?

200

A primary file system in Macintosh 

What is HFS+? (Hierarchical File System Plus)

200

Contains the configuration information related to the user currently logged on: wallpaper, screen colors, display settings, etc.

HKEY_CURRENT_USER 

200

Recent login information 

/var/log/lastlog 

300

Windows database that has all settings for all users and more information on the system.

What is Windows Registry?

300

Essential command binaries that need to be available in single user mode; for all users, e.g., cat, ls, cp. 

What is /bin?

300

All logs stored here

What is /var/log?

300

Contains most of the configuration information for installed software, including the Windows OS itself, and information about the physical state of the computer, including bus type, installed cards, memory type, startup control parameters and device drivers.

HKEY_LOCAL_MACHINE 

300

Failed user login attempts 

/var/log/faillog 

400

OS uses as the virtual memory extension of a computer’s real memory (RAM) 

What is a Page File?

400

All logs stored here

What is /var/log?

400

All deleted files go there

What is .Trash?

400

Contains information about all the currently active user profiles on the computer. 

HKEY_USERS 

400

Package installation or removal logs 

/var/log/dpkg.log 

500

When a user installs an application, runs it, and deletes it, traces of that application can be found in __

What is Prefetch Information?

500

OS uses as the virtual memory extension of a computer’s real memory (RAM) 

What is Swap Space?

500

Original Mac OS disk copy tool

What is Target Disk Mode?

500

Stores information about the current hardware profile of the system. 

HKEY_CURRENT_CONFIG 

500

Kernel ring buffer information 

/var/log/dmesg