Investigation Scenario You've discovered a user workstation with the Chrome Remote Desktop plugin installed. There's no business reason for the user to have this plugin, and they don't recall installing it. What do you look for to investigate whether an incident occurred and the extent of its impact?#InvestigationPath #DFIR #SOC
