The access to this course is restricted to eForensics Premium or IT Pack Premium Subscription

Course archive

The courses below were all published in 2015 or earlier. While we stand by pubishing them then, we've grown so much since. We recognize that these workshops don't exactly meet our standards, as we understand them today. 

All classes are available within our premium membership, and have adjusted CPE awards to reflect their respective contents. If you join, please keep in mind that some of the information inside might be outdated or not relevant. We'll be adding notes at the beginning of each course to let you know what's worth checking out in each! 


The access to this course is restricted to eForensics Premium or IT Pack Premium Subscription


18 CPE credits

You will learn ...

    •       How to create images of hard drives


    •       Adding evidence Items


    •       How to preview files and folders on the hard drive


    •       Mounting an image for read only viewing


    •       Removing Evidence


    •       Acquiring Protected files


    •       Encrypted Images


    •       Creating hashes using hash functions (MD5) and (SHA-1)


    •       Create a hash report to prove integrity of evidence



SYLLABUS

Stage 1: Installing the Forensic Toolkit

    • System Requirements


    • Supported File Systems and Image Formats


    • System Preparation


    • Basic Installation


    • Basic Install from CD


    • Basic Install from Downloadable Files


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end



Stage 2: FTK Overview

    • Acquiring and Preserving the Evidence


    • Analyzing the Evidence


    • Hashing


    • Known File Filter


    • Searching


    • Presenting the Evidence


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end



Stage 3: Preparing the Evidence Disk

    • Adding Evidence


    • Completing the Add Evidence Form


    • Selecting Evidence Processes


    • Managing Evidence


    • Refining the Index


    • Reviewing Evidence Setup


    • Processing the Evidence.


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end



Stage 4: Acquiring a Disk Image

    • Imaging a live system


    • Decide if you are going to image a physical or logical disk


    • The advantages of acquiring a physical disk


    • Acquiring a logical drive


    • Mount your evidence drive on the suspect system


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end



Stage 5: Analyzing the Evidence

    • Hashing


    • Known File Filter


    • Searching


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end



Stage 6: Creating a Report

    • “Starting a Case”


    • “Entering Forensic Examiner Information”


    • “Completing the New Case Form”


    • “Selecting Case Log Options”


    • “Selecting Evidence Processes”


    • “Refining the Case”


    • “Refining the Index”


    • “Managing Evidence”


    • “Reviewing Case Summary”


    • “Processing the Evidence”


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end


Course Reviews

N.A

ratings
  • 5 stars0
  • 4 stars0
  • 3 stars0
  • 2 stars0
  • 1 stars0

No Reviews found for this course.

TAKE THIS COURSE
  • Premium Subscription Only
  • 27 years, 9 months
  • Course Certificate
571 STUDENTS ENROLLED

Certificate Validation

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013