Learning Computer Forensics

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 2h 49m | 517 MB

Computer forensics is used to find legal evidence in computers, mobile devices, or data storage units. Although this course won’t teach you everything you need to know to become a digital forensics detective, it does cover all the essentials of this growing (and exciting) technical field. Jungwoo Ryoo reviews the basics: the goals of computer forensics, the types of investigations it’s used for, and the different specializations within the field. Then, he shows how to prepare for an investigation; acquire data; make sure data is kept in its original state with software and hardware write blockers; analyze the data; and generate a report. He uses a combination of open-source and commercial software, so you’ll be able to uncover the information you need with tools that are in your budget.

Topics include:

  • Goals of computer forensics
  • Pursuing a career in computer forensics
  • Using a hex editor
  • File system fundamentals
  • Partitioning a data storage device
  • Acquiring data
  • Ensuring data integrity with hashing
  • Indexing and searching
  • Generating a report

Table of Contents

Introduction
1 Learning computer forensics
2 What you should know

Understanding Computer Forensics
3 Goals of computer forensics
4 History
5 Types of investigations
6 Tools
7 Legal implications
8 Current and future trends
9 Challenges
10 Anti-forensics techniques
11 Compliance and forensics
12 Cybersecurity and forensics

Careers
13 Specializations in computer forensics
14 Network forensics
15 Operating system forensics
16 Web forensics
17 Cloud forensics
18 Malware forensics
19 Mobile forensics
20 Email forensics
21 Certifications

Preparing for an Investigation
22 Tools and knowledge requirements
23 Hardware
24 Software
25 Understanding hexadecimal (hex) numbers
26 Using a hex editor
27 Understanding an offset
28 Forensics OS distributions

File System Fundamentals
29 Understanding file systems
30 Understanding the boot sequence
31 Understanding disk drives
32 Understanding the master boot record (MBR)
33 Understanding partitioning

Preserving Data
34 Evidence preservation approaches
35 Understanding the role of write blockers
36 Using a software write blocker
37 Using hardware write blockers
38 Understanding hashing
39 Hashing algorithms
40 Hashing in FTK Imager
41 Understanding mounting
42 Mounting manually

Acquiring Data
43 Data acquisition approaches
44 Static acquisition with open-source tools
45 Creating split-disk image files with dd
46 Static acquisition with dcfldd
47 Live acquisition with a commercial tool
48 Memory dump analysis with Volatility

Analyzing Data
49 Forensic data analysis
50 Indexing
51 Searching
52 Generating a report
53 Hex editor analysis of a file with a wrong extension
54 Hex editor analysis of a bit-shifted file
55 Steganography

Conclusion
56 Next steps