Chaves de registro
Write Protect ON/OFF – Bloqueio ou desbloqueio de gravação em USB via registry
Long Paths Enable – Habilita caminhos com mais de 260 caracteres no Windows 10 via registry

NIST

1. NIST SP 800-61, Computer Security Incident Handling Guide
2. NIST SP 800-83, DRAFT Guide to Malware Incident Prevention and Handling for Desktops and Laptops
3. NIST SP 800-86, Guide to integrating Forensic Techniques

SANS

1. SANS Incident Handler’s Handbook
2. SANS Intrusion Detection Checklist for Linux
3. SANS Intrusion Detection Checklist for Windows
4. Security Intelligence: Attacking the Cyber Kill Chain by Mike Cloppert

Outras fontes

1. Software Engineering Institute white paper on memory image analysis on Windows (CERT)
2. 9 Automated Online Sandbox Services to Analyze Suspicious File’s Behavior  (Raymond.cc)