Forensics Imaging Practical Course (W10)

(2 customer reviews)

$119.00

Out of stock

Course archive

The courses below were all published in 2015 or earlier. While we stand by pubishing them then, we've grown so much since. We recognize that these workshops don't exactly meet our standards, as we understand them today. 

All classes are available within our premium membership, and have adjusted CPE awards to reflect their respective contents. If you join, please keep in mind that some of the information inside might be outdated or not relevant. We'll be adding notes at the beginning of each course to let you know what's worth checking out in each! 


The access to this course is restricted to eForensics Premium or IT Pack Premium Subscription


18 CPE credits, Self-paced

You will learn ...

  • How to create images of hard drives
  • Adding evidence Items
  • How to preview files and folders on the hard drive
  • Removing Evidence
  • Acquiring Protected files
  • Encrypted Images
  • Creating hashes using hash functions (MD5) and (SHA-1)
  • Create a hash report to prove integrity of evidence

SYLLABUS


Stage 1: Installing the Forensic Toolkit

  • System Requirements
  • Supported File Systems and Image Formats
  • System Preparation
  • Basic Installation
  • Basic Install from CD
  • Basic Install from Downloadable Files
  • articles
  • workshops tutorials/videos
  • practical tasks
  • exam at the end

Stage 2: FTK Overview

  • Acquiring and Preserving the Evidence
  • Analyzing the Evidence
  • Hashing
  • Known File Filter
  • Searching
  • Presenting the Evidence
  • articles
  • workshops tutorials/videos
  • practical tasks
  • exam at the end

Stage 3: Preparing the Evidence Disk

  • Adding Evidence
  • Completing the Add Evidence Form
  • Selecting Evidence Processes
  • Managing Evidence
  • Refining the Index
  • Reviewing Evidence Setup
  • Processing the Evidence.
  • articles
  • workshops tutorials/videos
  • practical tasks
  • exam at the end

Stage 4: Acquiring a Disk ImageImaging a live system

  • Decide if you are going to image a physical or logical disk
  • The advantages of acquiring a physical disk
  • Acquiring a logical drive
  • Mount your evidence drive on the suspect system
  • articles
  • workshops tutorials/videos
  • practical tasks
  • exam at the end

Stage 5: Analyzing the Evidence

  • Hashing
  • Known File Filter
  • Searching
  • articles
  • workshops tutorials/videos
  • practical tasks
  • exam at the end

Stage 6: Creating a Report

  • “Starting a Case”
  • “Entering Forensic Examiner Information”
  • “Completing the New Case Form”
  • “Selecting Case Log Options”
  • “Selecting Evidence Processes”
  • “Refining the Case”
  • “Refining the Index”
  • “Managing Evidence”
  • “Reviewing Case Summary”
  • “Processing the Evidence”
  • articles
  • workshops tutorials/videos
  • practical tasks
  • exam at the end

Contact:

If you have any questions, please contact us at [email protected].

2 reviews for Forensics Imaging Practical Course (W10)

  1. RABIDFOX

    Its a bit basic and is essentially a guide to using ftk the most useful part is teaching you how to get windows registry hives

  2. Kevin Jennings

    Short but straightforward tutorial on an important piece of software! I’ve been using FTK Imager for years and I learned a few new tricks.

Only logged in customers who have purchased this product may leave a review.

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023