The access to this course is restricted to eForensics Premium or IT Pack Premium Subscription

The access to this course is restricted to eForensics Premium or IT Pack Premium Subscription

18 CPE credits

You will learn …

    •       How to create images of hard drives


    •       Adding evidence Items


    •       How to preview files and folders on the hard drive


    •       Mounting an image for read only viewing


    •       Removing Evidence


    •       Acquiring Protected files


    •       Encrypted Images


    •       Creating hashes using hash functions (MD5) and (SHA-1)


    •       Create a hash report to prove integrity of evidence



SYLLABUS

Stage 1: Installing the Forensic Toolkit

    • System Requirements


    • Supported File Systems and Image Formats


    • System Preparation


    • Basic Installation


    • Basic Install from CD


    • Basic Install from Downloadable Files


    • – articles


    • – workshops tutorials/videos


    • – practical tasks


    • – exam at the end



Stage 2: FTK Overview

    • Acquiring and Preserving the Evidence


    • Analyzing the Evidence


    • Hashing


    • Known File Filter


    • Searching


    • Presenting the Evidence


    • – articles


    • – workshops tutorials/videos


    • – practical tasks


    • – exam at the end



Stage 3: Preparing the Evidence Disk

    • Adding Evidence


    • Completing the Add Evidence Form


    • Selecting Evidence Processes


    • Managing Evidence


    • Refining the Index


    • Reviewing Evidence Setup


    • Processing the Evidence.


    • – articles


    • – workshops tutorials/videos


    • – practical tasks


    • – exam at the end



Stage 4: Acquiring a Disk Image

    • Imaging a live system


    • Decide if you are going to image a physical or logical disk


    • The advantages of acquiring a physical disk


    • Acquiring a logical drive


    • Mount your evidence drive on the suspect system


    • – articles


    • – workshops tutorials/videos


    • – practical tasks


    • – exam at the end



Stage 5: Analyzing the Evidence

    • Hashing


    • Known File Filter


    • Searching


    • – articles


    • – workshops tutorials/videos


    • – practical tasks


    • – exam at the end



Stage 6: Creating a Report

    • “Starting a Case”


    • “Entering Forensic Examiner Information”


    • “Completing the New Case Form”


    • “Selecting Case Log Options”


    • “Selecting Evidence Processes”


    • “Refining the Case”


    • “Refining the Index”


    • “Managing Evidence”


    • “Reviewing Case Summary”


    • “Processing the Evidence”


    • – articles


    • – workshops tutorials/videos


    • – practical tasks


    • – exam at the end


Course Reviews

N.A

ratings
  • 5 stars0
  • 4 stars0
  • 3 stars0
  • 2 stars0
  • 1 stars0

No Reviews found for this course.

TAKE THIS COURSE
  • Premium Subscription Only
  • UNLIMITED ACCESS
  • Course Certificate
506 STUDENTS ENROLLED

Certificate Validation

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013