🛡️ Defence Mechanisms

📚 MacOS Basics

Firewall You can set specific rules to limit the traffic. FileVault No recovery once this password is lost.

⛅️ AWS Evidence Collection

Are there any Shadow Cloud Accounts? Could be the first place to look when investigating.

🍎 iOS Evidence Collection

General Considerations First of all, all the Apple devices support remote wiping which has evolved significantly over the year and now support Bluetooth.

🐧 Linux Evidence Collection

File Systems EXT 2,3,4, ReiserFS, XFS, JFS, Btrfs. Logical Backup - doesn’t copy all, doesn’t copy slack, free space and deleted files.