• LOGIN
  • No products in the cart.

This course will teach you how to recover virtual machines on lost VMFS partitions from the Linux operating system environment.

In this course you will learn how to recover virtual machines from lost VMFS partitions from the Linux operating system environment. Whether for forensic investigations, incident response, or simply data recovery, this workshop will add one more tool to your arsenal. To make sure you come out with a new skill in hand, the workshop includes a practical workshop simulating a forensics investigation, in which you will be asked to perform data recovery and provide a report on your findings. 

Early bird price for the first 10 seats! 


Course opens: November 22nd, 2017

Course duration: 4 hours (4 CPE points)

Pre-recorded, Self-paced



What will you learn?

Students will learn how to use the dcfldd command line for disk/volume image generation. They will use the losetup utility in conjunction with fdisk to evaluate the partition information expected to be recovered/mounted. They will also learn how to install and use the vmfs-tools package to manage the lost/hidden partitions.


What skills will you gain?

  • Students will learn about the importance of making use of RAW images for data recovery activities;
  • Ability to use dcfldd, losetup and vmfs-tools;
  • Ability to identify and manage VMFS partitions (Core partition/VM partition), even though the partition is not identified.

What will you need?

  • Basic concepts of the Linux operating environment;
  • Basic concepts on RAW Images;
  • A small volume 2.0Gb drive just for exercising RAW imaging.

What should you know before you join?

  • Basic concepts of the Linux operating environment;
  • Basic concepts on RAW Images;
  • Basic understanding of VMware environment.

Your instructor: Washington  Almeida

Washington Almeida is a Forensic specialist with academic background in Electronic Engineering and Information Technology. Specialized in Digital Forensics and Cyber Security with more than twenty five years of experience, familiar with digital forensic procedures that comprises digital forensics investigations phases as collection, examination, analysis and reporting, assisting justice in cases involving social media environment, instant messaging, droppers, ransomware, intellectual property rights infringement, e-mails system, HR systems, databases, data theft, bank fraud, computer hacking, Internet applications among others. MCSE Microsoft Certified consistently updated and maintaining an excellent understanding of the Microsoft Windows environment, Internet applications and Linux/Unix platforms which makes him comfortable when it comes to technical details.

Instructor curriculum: http://www.washingtonalmeida.com.br/curriculum.html


Covered topics

  • Differences between cloning and imaging;
  • Why cloning/imaging is important;
  • Using dcfldd command line;
  • Using hash function;
  • Using losetup;
  • Using fdisk on loop devices;
  • Installing vmfs-tools from Linux repository;
  • Cloning vmfs-tools from Github repository;
  • Using vmfs-fuse

Practical exercises:

  • RAW image creation;
  • Check hashes from source data and image file;
  • Recover VMFS partitions.

Course format: 

  • The course is self-paced – you can visit the training whenever you want and your content will be there.
  • Once you’re in, you keep access forever, even when you finish the course.
  • There are no deadlines, except for the ones you set for yourself.
  • We designed the course so that a diligent student will need about 18 hours of work to complete the training.
  • The course contains video and text materials, accompanied by practical labs and exercises.

Questions? Contact our course coordinator Marta at [email protected]

Course Reviews

N.A

ratings
  • 5 stars0
  • 4 stars0
  • 3 stars0
  • 2 stars0
  • 1 stars0

No Reviews found for this course.

TAKE THIS COURSE
  • $79.00 $59.00
  • UNLIMITED ACCESS
  • Course Certificate
44 STUDENTS ENROLLED

Who’s Online

Profile picture of Justin

Certificate Code

eForensics Magazine's online courses are conducted by experts on our online platform. Courses are designed for hackers, pentesters, IT security experts – professionals and ethusiasts alike. During the course you will not only learn the material and gain the skill, you will also get the unique opportunity to train under the supervision of some of the best experts out there.

The courses are self-paced, and are available on demand. When the course is in session, we release new materials every week, but you can always join in and catch up – when the session ends, everything stays on the website. The added benefit of participating in a session is the hands-on guidance you get from the instructor!

flexible approach; instructor's guidance; course certificate; 18 CPE points for every completed course;

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013