diyinfosec

This article explains how the USN Journal can be used to monitor file system changes by taking the example of encrypting a plaintext file.

Step 1 — Create a plain-text file:

echo “Encrypt This!” > C:\Users\test\Documents\file.txt

Step 2 — Query the USN Journal and note down the “Next Usn” value.

--

--