Practical Field Forensics
This course will expand on the topics covered in the 2-Day First Responders Workshop and will give plenty of hands-on time to learn the skills required to capture data, preserve evidence and prevent further damage to computer systems. The course will cover the following topics:
- Preparing and validating open source and commercial applications
- Creating a jump kit and your own forensics lab
- Methodology for data forensics
- Live system forensics
- Memory acquisition and forensic analysis (practical exercises)
- Seizure and evidence handling of a computer (practical exercises)
- Hard drives, FAT/NTFS file system essentials (Windows XP/Windows 7)
- Analysis
- Key Windows files
- Registry analysis
- Internet activity
- Anti-forensics
- Documenting and presenting forensic findings