Forensics Imaging Practical Course (W10)

$119.00

Out of stock

The access to this course is restricted to eForensics Premium or IT Pack Premium Subscription

18 CPE credits

You will learn ...

    •       How to create images of hard drives


    •       Adding evidence Items


    •       How to preview files and folders on the hard drive


    •       Mounting an image for read only viewing


    •       Removing Evidence


    •       Acquiring Protected files


    •       Encrypted Images


    •       Creating hashes using hash functions (MD5) and (SHA-1)


    •       Create a hash report to prove integrity of evidence



SYLLABUS

Stage 1: Installing the Forensic Toolkit

    • System Requirements


    • Supported File Systems and Image Formats


    • System Preparation


    • Basic Installation


    • Basic Install from CD


    • Basic Install from Downloadable Files


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end



Stage 2: FTK Overview

    • Acquiring and Preserving the Evidence


    • Analyzing the Evidence


    • Hashing


    • Known File Filter


    • Searching


    • Presenting the Evidence


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end



Stage 3: Preparing the Evidence Disk

    • Adding Evidence


    • Completing the Add Evidence Form


    • Selecting Evidence Processes


    • Managing Evidence


    • Refining the Index


    • Reviewing Evidence Setup


    • Processing the Evidence.


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end



Stage 4: Acquiring a Disk Image

    • Imaging a live system


    • Decide if you are going to image a physical or logical disk


    • The advantages of acquiring a physical disk


    • Acquiring a logical drive


    • Mount your evidence drive on the suspect system


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end



Stage 5: Analyzing the Evidence

    • Hashing


    • Known File Filter


    • Searching


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end



Stage 6: Creating a Report

    • “Starting a Case”


    • “Entering Forensic Examiner Information”


    • “Completing the New Case Form”


    • “Selecting Case Log Options”


    • “Selecting Evidence Processes”


    • “Refining the Case”


    • “Refining the Index”


    • “Managing Evidence”


    • “Reviewing Case Summary”


    • “Processing the Evidence”


    • - articles


    • - workshops tutorials/videos


    • - practical tasks


    • - exam at the end


© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013