On this day the student will master techniques used for acquiring computer based evidence in a forensically sound fashion. Utilizing the same tried and true methods practiced by law enforcement, you will learn how to acquire, authenticate, and maintain the integrity of evidence.
The topics for this day are very hands-on. Each Digital Forensics Examiner will acquire a hard drive image and will learn how to manually recover deleted data. This will form the basis of understanding how the automated forensic tools actually work - the cornerstone of being able to understand how to verify evidence and authenticate that forensic tools are working properly. While this is typically left out of other courses, you'll see the importance of actually knowing how the forensic tools work, enabling you to use and authenticate a variety of tools.
You will also learn techniques utilized by CyberSecurity Institute to quickly and efficiently obtain evidence from large hard drives that would otherwise take days to process. These techniques alone will show you how to process evidence and find the "low hanging fruit" while others would still be initializing a case.
DAY TWO TOPICS
Evidence Acquisition and Hands-On Labs
Recovering Deleted Data
Evening Session: Optional, Until 21:00
Open Topics Based On Student Requests
Copyright © 2013 All rights reserved. Aurenav LLC.