Taking Screenshots – CompTIA Security+ SY0-401: 2.4

| August 15, 2014 | 0 Comments

There are many ways to capture the information that appears on a screen. In this video, you’ll learn a few techniques for taking screenshots across many different operating systems.

<< Previous Video: Taking HashesNext: Interviewing Witnesses >>

Screenshots can be another useful way to grab what’s on the screen. Sometimes it’s difficult to reproduce what you may run into when you first walk up to a computer. You see something on the screen that looks suspicious. If you were to grab an image of the drive, that allows you to get the information that was on that computer, but it doesn’t necessarily allow you to reproduce what’s happening on the screen.

And one of the challenges is, how do you take a snapshot of what’s on the screen without disturbing the computer? Obviously you can hit the Print Screen command in the Mac operating system, in the LINUX operating systems, there’s other utilities and other ways to grab screen information, but then you’re changing what’s on that computer. And you may not have the ability to do that. So sometimes it’s not really the easiest process.

But there are things you can do. You can of course capture it externally. One of the nice things about our latest generation of mobile devices is we can pull out a phone, and all of our phones tend to have cameras on them these days. And they tend to have some very high resolution cameras with some really nice photo capabilities.

Pull out your camera, take a snapshot of what you see on the screen right then. Capture it. Then you’ll have error information. You’ll have a message of what people saw on their screen. You’ll have what was on an email that somebody was typing but did not send, and may be difficult to reproduce later. All of that will be on the screen and you’ll capture it to your phone.

You also have some functions within the operating system itself. In Windows you can hit the Print Screen key. And now you have the entire screen in your clipboard. There’s other third-party utilities you can get as well on any operating system that can grab what’s on the screen and save it to a file. There’s some nice forensics capabilities, some forensics programs, on USB drives where you can plug in the USB key, run the executable from there, and it will save the file to the USB key, thereby minimizing the impact to the hard drive of that computer itself.

Tags: , , ,

Category: CompTIA Security+ SY0-401