Computer Forensics. Securing and Analysing Digital Information
|
|
- Shon Gaines
- 8 years ago
- Views:
Transcription
1 Computer Forensics Securing and Analysing Digital Information
2 Aims What is a computer? Where is the evidence? Why is digital forensics important? Seizing evidence Encryption Hidden files and folders Live acquisitions Dead box acquisitions Forensic image, processing analysis and results Forensic tools how they work File Structure, metadata, exif data Bookmarks and reports Lab costs
3 What is a computer? Laptops Desktops Tablets Phones Storage Date Arial 14pt
4 Where is the evidence? Properties Internet Cloud People Corporate Networks Companies International Jurisdictions
5 Why is digital forensics important? What can we recover? Word Pictures Excel PowerPoint Adobe PDF Location data Time and date Illegal content Associates Internet Contacts Calendar
6 Seizing evidence Switched on? Call an expert! Switched off? Bag it!
7 Encryption Encryption may prevent data recovery Specialist techniques and training is required Specialist software and hardware is required If the computer is switched on, call an expert Where is the password? This is why live acquisition is important!
8 Freedom of Information Act Protective Marking Title: Publication Scheme Y/N: Summary: Branch / OCU: Date created: Review date: Version: Author: Keyspace Demonstration
9 Hidden Files and Folders Hidden files are difficult to find Specialist software is required If the computer is switched on, call an expert What software is being used? This is why live acquisition is important!
10 Freedom of Information Act Protective Marking Title: Publication Scheme Y/N: Summary: Branch / OCU: Date created: Review date: Version: Author: Hidden Picture Demonstration
11 Live Acquisition Why not turn it off and bag it? Allows us to recover volatile data RAM (Random Access Memory) Triage the evidence Programs Which can contain How? Specialist forensic tools Hidden Files Decryption Passwords Evidence Recent activity
12 Live Acquisition Specialist Forensic Tools
13 Freedom of Information Act Protective Marking Title: Publication Scheme Y/N: Summary: Branch / OCU: Date created: Review date: Version: Author: EnCase Portable Demonstration
14 Deadbox Acquisition Switched off? Bag it! What do we do with it? Create forensic Image Computer may have special boot mode Image using forensic imagers How? Image using forensic software What if you can t remove Remove the Hard drive
15 Deadbox Acquisition Forensic Imagers Provides a bridge between media Provides write protection for the evidence
16 Freedom of Information Act Protective Marking Title: Publication Scheme Y/N: Summary: Branch / OCU: Date created: Review date: Version: Author: Memory Card Acquisition Demonstration
17 Forensic Image What is a forensic image? Protected data container Given a unique identifier (Hash) Consists off: File Name Text File Case Info Notes Data Blocks Hash Hash important for exhibit continuity Image file types.eo1.e01. L01.Lx01.Ex01.AD1
18 EnCase Examiner Processing Analysis and Results Forensic Tools
19 Forensic Tool Kit (FTK) Processing Analysis and Results Forensic Tools
20 Processing Analysis and Results Internet Evidence Finder (IEF) Forensic Tools
21 Forensic Tools How they work Examining file structures All file types have a formal data structure Information inside the file File Identifiers Headers Footers
22 Forensic Tools How they work Examining the Master File Table Record of all the files stored on a drive Size File Name File Type Location Created Accessed Modified Deleted
23 Freedom of Information Act Protective Marking Title: Publication Scheme Y/N: Summary: Branch / OCU: Date created: Review date: Version: Author: FTK Memory Card Demonstration
24 Metadata and Exif Data What do we get? Information within a Picture file Camera, Make, Model GPS Location Dates Times Author
25 Freedom of Information Act Protective Marking Title: Publication Scheme Y/N: Summary: Branch / OCU: Date created: Review date: Version: Author: Exif Data Demonstration
26 Processing Analysis and Results Bookmark and Reports Highlights Files Add Comments Attach files Export to Reports
27 Lab Costs Staff Equipment Versus Contractors Training
28 Summary What is a computer? Where is the evidence? Why is digital forensics important? Seizing evidence Encryption Hidden files and folders Live acquisitions Dead box acquisitions Forensic image, processing analysis and results Forensic tools how they work File Structure, metadata, exif data Bookmarks and reports Lab costs
29 Freedom of Information Act Protective Marking Title: Publication Scheme Y/N: Summary: Branch / OCU: Date created: Review date: Version: Author:
EC-Council Ethical Hacking and Countermeasures
EC-Council Ethical Hacking and Countermeasures Description This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.
More informationEnCase 7 - Basic + Intermediate Topics
EnCase 7 - Basic + Intermediate Topics Course Objectives This 4 day class is designed to familiarize the student with the many artifacts left behind on Windows based media and how to conduct a forensic
More informationJust EnCase. Presented By Larry Russell CalCPA State Technology Committee May 18, 2012
Just EnCase Presented By Larry Russell CalCPA State Technology Committee May 18, 2012 What is e-discovery Electronically Stored Information (ESI) Discover or Monitor for Fraudulent Activity Tools used
More informationACE STUDY GUIDE. 3. Which Imager pane shows information specific to file systems such as HFS+, NTFS, and Ext2? - Properties Pane
ACE STUDY GUIDE *Note* All of the actual exam questions are in multiple choice format. This Study Guide is designed to cover all of the material on the exam, 1. FTK Imager supports the encryption of forensic
More informationDigital Forensics Tutorials Acquiring an Image with FTK Imager
Digital Forensics Tutorials Acquiring an Image with FTK Imager Explanation Section Digital Forensics Definition The use of scientifically derived and proven methods toward the preservation, collection,
More informationComputer Hacking Forensic Investigator v8
CÔNG TY CỔ PHẦN TRƯỜNG CNTT TÂN ĐỨC TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC LEARN MORE WITH LESS! Computer Hacking Forensic Investigator v8 Course Description: EC-Council releases the most advanced Computer
More informationDiscovery of Electronically Stored Information ECBA conference Tallinn October 2012
Discovery of Electronically Stored Information ECBA conference Tallinn October 2012 Jan Balatka, Deloitte Czech Republic, Analytic & Forensic Technology unit Agenda Introduction ediscovery investigation
More informationFall. Forensic Examination of Encrypted Systems Matthew Postinger COSC 374
Fall 2011 Forensic Examination of Encrypted Systems Matthew Postinger COSC 374 Table of Contents Abstract... 3 File System Encryption... 3 Windows EFS... 3 Apple FileVault... 4 Full Disk Encryption...
More informationCLOUD STORAGE FORENSICS MATTIA EPIFANI SANS EUROPEAN DIGITAL FORENSICS SUMMIT PRAGUE, 7 OCTOBER 2013
CLOUD STORAGE FORENSICS MATTIA EPIFANI SANS EUROPEAN DIGITAL FORENSICS SUMMIT PRAGUE, 7 OCTOBER 2013 SUMMARY Cloud Storage services Testing environment and methodology Forensics artifacts left by Cloud
More informationSecure Storage. Lost Laptops
Secure Storage 1 Lost Laptops Lost and stolen laptops are a common occurrence Estimated occurrences in US airports every week: 12,000 Average cost of a lost laptop for a corporation is $50K Costs include
More informationCourse Title: Computer Forensic Specialist: Data and Image Files
Course Title: Computer Forensic Specialist: Data and Image Files Page 1 of 9 Course Description The Computer Forensic Series by EC-Council provides the knowledge and skills to identify, track, and prosecute
More informationDigital Forensic Techniques
Digital Forensic Techniques Namrata Choudhury, Sr. Principal Information Security Analyst, Symantec Corporation Professional Techniques T23 CRISC CGEIT CISM CISA AGENDA Computer Forensics vs. Digital Forensics
More informationComputer Forensics and Investigations Duration: 5 Days Courseware: CT 0619217065
Computer Forensics and Investigations Duration: 5 Days Courseware: CT 0619217065 Introduction The Computer Forensics and Investigation course presents methods to properly conduct a computer forensics investigation
More informationEnCase Forensic Product Overview
GUIDANCE SOFTWARE EnCase Forensic EnCase Forensic Product Overview The Standard in Digital Investigations GUIDANCE SOFTWARE EnCase Forensic EnCase Forensic Version 7 The mission of Guidance Software has
More informationIncident Response and Computer Forensics
Incident Response and Computer Forensics James L. Antonakos WhiteHat Forensics Incident Response Topics Why does an organization need a CSIRT? Who s on the team? Initial Steps Detailed Project Plan Incident
More informationOverview of Computer Forensics
Overview of Computer Forensics Don Mason, Associate Director National Center for Justice and the Rule of Law University of Mississippi School of Law [These materials are based on 4.3.1-4.3.3 in the National
More informationComputer Forensic Capabilities
Computer Forensic Capabilities Agenda What is computer forensics? Where to find computer evidence Forensic imaging Forensic analysis What is Computer Forensics? The preservation, identification, extraction,
More informationAdvanced Methods and Techniques
2013 CTIN Digital Forensics Conference Advanced Methods and Techniques Brett Shavers 2013 CTIN Digital Forensics Conference The XWF Book Not done yet Eric Zimmerman (FBI) is the coauthor Jimmy Weg is the
More informationRetrieving Internet chat history with the same ease as a squirrel cracks nuts
Retrieving Internet chat history with the same ease as a squirrel Yuri Gubanov CEO, Belkasoft http://belkasoft.com SANS Forensic Summit September 21, 2011 London, Great Britain What is Instant Messenger!
More informationEnCase Portable. Extend Your Forensic Reach with Powerful Triage & Data Collection
GUIDANCE SOFTWARE EnCase Portable EnCase Portable Extend Your Forensic Reach with Powerful Triage & Data Collection GUIDANCE SOFTWARE EnCase Portable EnCase Portable Triage and Collect with EnCase Portable
More informationTechnical Procedure for Evidence Search
Technical Procedure for Evidence Search 1.0 Purpose - The purpose of this procedure is to provide a systematic means of searching digital evidence in order to find data sought by the search authorization.
More informationCYBER FORENSICS. KRISHNA SASTRY PENDYALA Cyber Forensic Division Central Forensic Science Laboratory Hyderabad.
CYBER FORENSICS KRISHNA SASTRY PENDYALA Cyber Forensic Division Central Forensic Science Laboratory Hyderabad. 11 DIGITAL EVIDENCE? Cyber crimes Digital evidence Digital evidence is any information of
More informationPresentation Title Presentation Subtitle. The Unique Alternative to the Big Four
Presentation Title Presentation Subtitle The Unique Alternative to the Big Four Speaker Biography Tim L. Bryan, CPA/CFF/CITP, CISA, EnCE Senior Manager, Crowe Horwath LLP Forensic Technology Services Leader
More informationDigital Forensics. Tom Pigg Executive Director Tennessee CSEC
Digital Forensics Tom Pigg Executive Director Tennessee CSEC Definitions Digital forensics Involves obtaining and analyzing digital information as evidence in civil, criminal, or administrative cases Analyze
More informationDeveloping Computer Forensics Solutions for Terabyte Investigations
Developing Computer Forensics Solutions for Terabyte Investigations Eric Thompson Corporation Orem, Utah USA www.accessdata.com Overview Computer Forensic Definition, Objectives and Policies History of
More informationRecovering Digital Evidence in a Cloud Computing Paradigm. Jad Saliba Founder and CTO
Recovering Digital Evidence in a Cloud Computing Paradigm Jad Saliba Founder and CTO Background Teenage geek - IT/Software industry Police officer for 7 years Worked in Tech Crimes Unit Started JADsoftware
More informationMAC/OSX - How to Encrypt Data using TrueCrypt. v.05201011
MAC/OSX - How to Encrypt Data using TrueCrypt v.05201011 This chapter contains step-by-step instructions on how to create, mount, and use a TrueCrypt volume. We strongly recommend that you read the entire
More information2! Bit-stream copy. Acquisition and Tools. Planning Your Investigation. Understanding Bit-Stream Copies. Bit-stream Copies (contd.
Acquisition and Tools COMP 2555: Principles of Computer Forensics Autumn 2014 http://www.cs.du.edu/2555 1 Planning Your Investigation! A basic investigation plan should include the following activities:!
More informationMac Marshal: A Tool for Mac OS X Operating System and Application Forensics
Mac Marshal: A Tool for Mac OS X Operating System and Application Forensics Rob Joyce, Judson Powers, Frank Adelstein A Subsidiary of Architecture Technology Corporation Digital Forensic Research Workshop
More informationCOMPUTER FORENSICS (EFFECTIVE 2013-14) ACTIVITY/COURSE CODE: 5374 (COURSE WILL BE LISTED IN THE 2013-14 CATE STUDENT REPORTING PROCEDURES MANUAL)
COMPUTER FORENSICS (EFFECTIVE 2013-14) ACTIVITY/COURSE CODE: 5374 (COURSE WILL BE LISTED IN THE 2013-14 CATE STUDENT REPORTING PROCEDURES MANUAL) COURSE DESCRIPTION: Computer Forensics is focused on teaching
More informationForensic Toolkit. Sales and Promotional Summary ACCESSDATA, ON YOUR RADAR
Forensic Toolkit Sales and Promotional Summary ACCESSDATA, ON YOUR RADAR What is AccessData s Forensic Toolkit? Also known as FTK, this application enables you to perform complete and thorough computer
More informationDigital Forensics: The aftermath of hacking attacks. AHK Committee Meeting April 19 th, 2015 Eng. Jamal Abdulhaq Logos Networking FZ LLC
Digital Forensics: The aftermath of hacking attacks AHK Committee Meeting April 19 th, 2015 Eng. Jamal Abdulhaq Logos Networking FZ LLC Topics Digital Forensics: Brief introduction Case Studies Case I:
More informationMSc Computer Security and Forensics. Examinations for 2009-2010 / Semester 1
MSc Computer Security and Forensics Cohort: MCSF/09B/PT Examinations for 2009-2010 / Semester 1 MODULE: COMPUTER FORENSICS & CYBERCRIME MODULE CODE: SECU5101 Duration: 2 Hours Instructions to Candidates:
More informationGuide to Computer Forensics and Investigations, Second Edition
Guide to Computer Forensics and Investigations, Second Edition Chapter 9 Data Acquisition Objectives Determine the best acquisition method Plan data-recovery contingencies Use MS-DOS acquisition tools
More informationMobile memory dumps, MSAB and MPE+ Data collection Information recovery Analysis and interpretation of results
Mobile memory dumps, MSAB and MPE+ Data collection Information recovery Analysis and interpretation of results Physical Extraction Physical extraction involves either Removing chips from circuit board
More informationHow To Be A Computer Forensics Examiner
Richard A. Peacock 410.346.7288 (Office) 443.398.5246 (Cell) rich@realforensicanalysis.com EnCase Certified Examiner (EnCE) Access Data Certified Examiner (ACE) Access Data Mobile Phone Certified Examiner
More informationRicoh Legal. Live Data Acquisition: The New Default Standard for Capturing ESI?
Ricoh Legal Live Data Acquisition: The New Default Standard for Capturing ESI? By David Greetham, National Director of Forensics, Legal Enterprise Solutions Live computer forensic imaging, which is performed
More informationScientific Working Group on Digital Evidence
Disclaimer: As a condition to the use of this document and the information contained therein, the SWGDE requests notification by e-mail before or contemporaneous to the introduction of this document, or
More informationDigital Forensics. Module 4 CS 996
Digital Forensics Module 4 CS 996 Hard Drive Forensics Acquisition Bit for bit copy Write protect the evidence media EnCase for DOS Safeback (NTI: www.forensics-intl.com) Analysis EnCase FTK (www.accessdata.com)
More informationWhat is Digital Forensics?
DEVELOPING AN UNDERGRADUATE COURSE IN DIGITAL FORENSICS Warren Harrison PSU Center for Information Assurance Portland State University Portland, Oregon 97207 warren@cs.pdx.edu What is Digital Forensics?
More informationIntroducing a New Era in Digital Forensic Investigations BUILDING AN EFFECTIVE, EFFICIENT FORENSICS SOLUTION
Introducing a New Era in Digital Forensic Investigations Investigators today need much more than a disparate bag of tools to get the job done. Case loads and case complexity are increasing at an explosive
More informationHow To Solve A Violent Home Invasion With A United Force
Use Case SOLVING VIOLENT CRIMES WITH A UNIFIED WORKFLOW In a Violent Home Invasion Investigation, the UFED Series Seamlessly Unifies Workflows from Field to Lab A series of violent home invasions has everyone
More informationResearch on Digital Forensics Based on Private Cloud Computing
Research on Digital Forensics Based on Private Cloud Computing Gang Zeng Police Information Technology Department, Liaoning Police Academy, Liaoning, China ABSTRACT With development of network, massive
More informationChapter 7 Securing Information Systems
1 Chapter 7 Securing Information Systems LEARNING TRACK 3: COMPUTER FORENSICS For thirty years, a serial murderer known as the BTK killer (standing for bind, torture, and kill) remained at large in Wichita,
More informationComputing forensics: a live analysis
April 18th, 2005 1 2 3 Objectives Evidence acquisition Recovery and examination of suspect digital evidence (think Warrick Brown on CSI) Hardware: servers, workstations, laptops, PDAs, mobiles, cameras
More informationCarry it Easy. User Guide
Carry it Easy User Guide User Manual Version 3.2 2004-2010 CoSoSys Ltd. Carry it Easy User Manual Table of Contents Table of Contents... I 1. Introduction... 1 2. System Requirements... 1 3. Installation...
More informationMedia Device Encryption
Media Device Encryption The age of portable media has brought us a plethora of mobile media devices that allow information to be easily transported from place to place. Though portable media devices like
More informationENTERPRISE COMPUTER INCIDENT RESPONSE AND FORENSICS TRAINING
ENTERPRISE COMPUTER INCIDENT RESPONSE AND FORENSICS TRAINING MODULE A INTRODUCTION TO COMPUTER FORENSICS AND NVESTIGATIONS A1.0 Explain concepts related to computer forensics. A1.1 This module is measured
More information10 Ways to Not Get Caught Hacking On Your Mac
10 Ways to Not Get Caught Hacking On Your Mac Three18 is a Comprehensive Technology Solutions Provider Apple Certified Partner Microsoft Gold Partner Symantec Security Solutions Partner Novell and RedHat
More informationHands-On How-To Computer Forensics Training
j8fm6pmlnqq3ghdgoucsm/ach5zvkzett7guroaqtgzbz8+t+8d2w538ke3c7t 02jjdklhaMFCQHihQAECwMCAQIZAQAKCRDafWsAOnHzRmAeAJ9yABw8v2fGxaq skeu29sdxrpb25zidxpbmznogtheories...ofhilz9e1xthvqxbb0gknrc1ng OKLbRXF/j5jJQPxXaNUu/It1TQHSiyEumrHNsnn65aUMPnrbVOVJ8hV8NQvsUE
More informationMetadata in Microsoft Office and in PDF Documents Types, Export, Display and Removal
White Paper Metadata in Microsoft Office and in PDF Documents Types, Export, Display and Removal Copyright 2002-2009 soft Xpansion GmbH & Co. KG White Paper Metadata in PDF Files 1 Contents Term Definitions
More informationEnCase Portable Demo P A G E 0
EnCase Portable Demo P A G E 0 EnCase Portable Easy to Use Collection Solution Brent Botta Director of ediscovery Solution Agenda P A G E 2 EnCase Portable Solution What is it? Business Issues to Utilize
More informationEntrust Managed Services PKI. Getting an end-user Entrust certificate using Entrust Authority Administration Services. Document issue: 2.
Entrust Managed Services PKI Getting an end-user Entrust certificate using Entrust Authority Administration Services Document issue: 2.0 Date of issue: June 2009 Revision information Table 1: Revisions
More informationFull Drive Encryption Security Problem Definition - Encryption Engine
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 Full Drive Encryption Security Problem Definition - Encryption Engine Introduction for the FDE Collaborative Protection Profiles
More informationUsing Computer Forensics in your Investigations
Deloitte Financial Advisory Services LLP Using Computer Forensics in your Investigations Presented to: ISACA Los Angeles Chapter Dave Nardoni January 12 th, 2010 Agenda Introduction Analytic & Forensic
More informationImpact of Digital Forensics Training on Computer Incident Response Techniques
Impact of Digital Forensics Training on Computer Incident Response Techniques Valorie J. King, PhD Collegiate Associate Professor University of Maryland University College Presentation to AFCEA June 25,
More informationWorksheet - Document management and Cloud Services on the ipad
Worksheet - Document management and Cloud Services on the ipad This worksheet requires installation of the following ipad apps: Adobe Reader, Google Drive, Chrome, Windows Skydrive, Dropbox and Goodreader.
More informationDIGITAL FORENSIC INVESTIGATION, COLLECTION AND PRESERVATION OF DIGITAL EVIDENCE. Vahidin Đaltur, Kemal Hajdarević,
DIGITAL FORENSIC INVESTIGATION, COLLECTION AND PRESERVATION OF DIGITAL EVIDENCE Vahidin Đaltur, Kemal Hajdarević, Internacional Burch University, Faculty of Information Technlogy 71000 Sarajevo, Bosnia
More informationEntrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0
Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust
More informationPTK Forensics. Dario Forte, Founder and Ceo DFLabs. The Sleuth Kit and Open Source Digital Forensics Conference
PTK Forensics Dario Forte, Founder and Ceo DFLabs The Sleuth Kit and Open Source Digital Forensics Conference What PTK is about PTK forensics is a computer forensic framework based on command line tools
More informationCloud Forensics. 175 Lakeside Ave, Room 300A Phone: 802/865-5744 Fax: 802/865-6446 http://www.lcdi.champlin.edu
Cloud Forensics Written & Researched by: Maegan Katz & Ryan Montelbano 175 Lakeside Ave, Room 300A Phone: 802/865-5744 Fax: 802/865-6446 http://www.lcdi.champlin.edu November 4, 2013 Disclaimer: This document
More informationEnCase Endpoint Investigator Fundamentals 5/25/2016
EnCase Endpoint Investigator Fundamentals Guidance Software 1 About Us Tony Balzanto Tony Balzanto is an instructor in the Orlando, FL office of Guidance Software s Professional Development and Training
More informationTime Stamp. Instruction Booklet
Time Stamp Instruction Booklet Time Stamp Introductions Time stamp is a useful solution for backing up and restoring system, it backs up the entire computer system to the Backup Zone. Time Stamp is used
More informationDigital Forensics. Larry Daniel
Digital Forensics Larry Daniel Introduction A recent research report from The Yankee Group found that 67.6 percent of US households in 2002 contained at least one PC The investigators foresee three-quarters
More informationCloudifile: Frequently Asked Questions
Cloudifile: Frequently Asked Questions 1 Contents Cloudifile Compatibility... 3 Cloudifile Installation... 4 Cloudifile Account Registration... 5 Working with Cloudifile... 6 Cloudifile Functionality...
More informationLive System Forensics
Live System Forensics By: Tim Fernalld & Colby Lahaie Patrick Leahy Center for Digital Investigation Champlain College 2/22/12 Contents Contents... 1 1 Introduction... 2 1.1 Research Statement... 2 1.2
More informationSIMPLIFYING THE COMPLEXITY OF MOBILE DATA FORENSICS
SIMPLIFYING THE COMPLEXITY OF MOBILE DATA FORENSICS Extract the Insights that Focus Investigations CELLEBRITE UFED PRO SERIES THE DATA SOURCES THAT MATTER MOST 95% MOBILE DEVICE ITSELF 59% THIRD-PARTY
More informationITU Session Four: Device Imaging And Analysis. Mounir Kamal Q-CERT
ITU Session Four: Device Imaging And Analysis Mounir Kamal Q-CERT 2 Applying Forensic Science to Computer Systems Like a Detective, the archaeologist searches for clues in order to discover and reconstruct
More informationAccessData. Triage. Quick Start Guide. Published: December 2011
AccessData Triage Quick Start Guide Published: December 2011 1 Legal Information 2011 AccessData Group, LLC All rights reserved. No part of this publication may be reproduced, photocopied, stored on a
More informationComputer Forensic Tools. Stefan Hager
Computer Forensic Tools Stefan Hager Overview Important policies for computer forensic tools Typical Workflow for analyzing evidence Categories of Tools Demo SS 2007 Advanced Computer Networks 2 Important
More informationEnCase v7 Essential Training. Sherif Eldeeb https://eldeeb.net
هللامسب EnCase v7 Essential Training What s in this course Explore the most notable features of the new version. Everything you need to know about EnCase v7 to conduct basic investigations. Create Cases
More informationHow to create a portable encrypted USB Key using TrueCrypt
How to create a portable encrypted USB Key using TrueCrypt INTRODUCTION TrueCrypt Traveler Mode provides secure encryption for programs/files on portable devices such as USB Memory keys. It uses strong
More informationhttps://agency.governmentjobs.com/dakota/job_bulletin.cfm?jobid=1017820
Page 1 of 5 DAKOTA COUNTY Employee Relations Administration Center, 1590 Highway 55 Hastings, MN 55033-2372 651.438.4435 http://www.dakotacounty.us INVITES APPLICATIONS FOR THE POSITION OF: Electronic
More informationUSB Portable Storage Device: Security Problem Definition Summary
USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides
More informationTable of Contents. Introduction to MSAB Training Department... 01. Training Services Overview... 02. XRY Certification training...
Training Courses Table of Contents Introduction to MSAB Training Department... 01 Training Services Overview... 02 XRY Certification training... 03 XRY Intermediate training... 04 Advanced Acquisition
More informationWindows 8 Hacks O'REILLY* Preston Gralla. Beijing. Cambridge Famham. Koln Sebastopol Tokyo
Windows 8 Hacks Preston Gralla Beijing Cambridge Famham O'REILLY* Koln Sebastopol Tokyo Table of Contents Preface vii 1. Setup and Startup Hacks 1 Hack 01. Disable Windows 8's Lock Screen 1 Hack 02. Hack
More informationUpon Installation, Soda
Upon Installation, Soda Prompts you to create your user profile to register for a new profile Note: Asks your for your particulars Prompts you to select a password. You would need to provide this password
More information10 steps to better secure your Mac laptop from physical data theft
10 steps to better secure your Mac laptop from physical data theft Executive summary: This paper describes changes Mac users can make to improve the physical security of their laptops, discussing the context
More informationDigital Forensics, ediscovery and Electronic Evidence
Digital Forensics, ediscovery and Electronic Evidence By Digital Forensics What Is It? Forensics is the use of science and technology to investigate and establish facts in a court of law. Digital forensics
More informationOptum Patient Portal. 70 Royal Little Drive. Providence, RI 02904. Copyright 2002-2013 Optum. All rights reserved. Updated: 3/7/13
Optum Patient Portal 70 Royal Little Drive Providence, RI 02904 Copyright 2002-2013 Optum. All rights reserved. Updated: 3/7/13 Table of Contents 1 Patient Portal Activation...1 1.1 Pre-register a Patient...1
More informationCourse Descriptions for Focused Learning Classes
Course Descriptions for Focused Learning Classes Excel Word PowerPoint Access Outlook Adobe Visio Publisher FrontPage Dreamweaver EXCEL Classes Excel Pivot Tables 2 hours Understanding Pivot Tables Examining
More informationCloud Computing. What is Cloud Computing?
Cloud Computing What is Cloud Computing? Cloud computing is where the organization outsources data processing to computers owned by the vendor. Primarily the vendor hosts the equipment while the audited
More informationAcronis Backup & Recovery for Mac. Acronis Backup & Recovery & Acronis ExtremeZ-IP REFERENCE ARCHITECTURE
Acronis Backup & Recovery for Mac Acronis Backup & Recovery & Acronis ExtremeZ-IP This document describes the technical requirements and best practices for implementation of a disaster recovery solution
More informationA Short Introduction to Digital and File System Forensics
Antonio Barili Lab Dept. of Industrial and Information Engineering University of Pavia (Italy) antonio.barili@unipv.it Every contact leaves a trace Culprit Scene Victim Edmond Locard (1877-1966) 2015 -
More informationOf the programs offered by IACIS, the Basic Computer Forensic Examiner (BCFE) Training Program is at the forefront.
BCFE 2015 BASIC Certified Examiner Training Program Program Description and Syllabus Contents A. Program Overview B. Prerequisites C. Automated Tools, Hardware, and Software D. Required Equipment and Supplies
More informationCloud Signature Creator: An Application to Establish Cloud-Computing Application Artifacts
University of Rhode Island DigitalCommons@URI Open Access Master's Theses 2015 Cloud Signature Creator: An Application to Establish Cloud-Computing Application Artifacts Gerald W. Gent University of Rhode
More informationEFFICIENT FORENSIC TOOLS FOR HANDHELD DEVICES: A COMPREHENSIVE PERSPECTIVE
EFFICIENT FORENSIC TOOLS FOR HANDHELD DEVICES: A COMPREHENSIVE PERSPECTIVE Somasheker Akkaladevi 1 1 Virginia State University Department of Computer Information Systems Petersburg, Virginia 23806, USA
More informationPractical Methods for Dealing with Full Disk Encryption. Jesse Kornblum
C Y B E R S E C T O R Practical Methods for Dealing with Full Disk Encryption Jesse Kornblum Outline Introduction Types of Targets Finding Keys Tool Marks Example - BitLocker BitLocker Weakness Conclusion
More informationHow to Avoid The Biggest Electronic Evidence Mistakes. Ken Jones Senior Technology Architect Pileum Corporation
How to Avoid The Biggest Electronic Evidence Mistakes Ken Jones Senior Technology Architect Pileum Corporation Why is Proper Handling of Electronic Data Important? Most of the evidence in your case isn
More informationCOEN 152 / 252 Lab Exercise 1. Imaging, Hex Editors & File Types
COEN 152 / 252 Lab Exercise 1 Imaging, Hex Editors & File Types In this lab we will explore the concepts associated with creating a forensic image. Write-blocking will be accomplished utilizing a mounted
More informationForensics on the Windows Platform, Part Two
1 of 5 9/27/2006 3:52 PM Forensics on the Windows Platform, Part Two Jamie Morris 2003-02-11 Introduction This is the second of a two-part series of articles discussing the use of computer forensics in
More informationRestoring a Windows 8.1 system from complete HDD failure - drivesnapshot
Restoring a Windows 8.1 system from complete HDD failure - drivesnapshot Drivesnapshot is available at http://www.drivesnapshot.de/ http://www.drivesnapshot.de/en/down.htm is the download page. If you
More informationCYBER FORENSICS (W/LAB) Course Syllabus
6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 CYBER FORENSICS (W/LAB) Course Syllabus Course Number: CSFS-0020 OHLAP Credit: Yes OCAS Code: 8134 Course Length: 130 Hours Career Cluster: Information
More informationIntroduction to Cloud Services
Introduction to Cloud Services (brought to you by www.rmroberts.com) Cloud computing concept is not as new as you might think, and it has actually been around for many years, even before the term cloud
More informationCertified Digital Forensics Examiner
Certified Digital Forensics Examiner Course Name: CDFE V6.0 Duration: Language: 5 days English Format: Instructor-led (Lecture and Lab) Prerequisite: Experience in using a computer Student Materials: Student
More informationIT Auditing and. Discussion Topics. What is IT Auditing?
IT Auditing and Computer Forensics Kevin H. Doar, CISA Auditor Discussion Topics What is IT Auditing? IT Auditor Skillset IT Auditing Standards & Frameworks IT Controls with Case Examples The Direction
More informationSteven Kaplan, CISSP, CISA Accuvant skaplan@accuvant.com Sandra Bittner, CISSP Arizona Public Service Palo Verde Nuclear Generating Station
Steven Kaplan, CISSP, CISA Accuvant skaplan@accuvant.com Sandra Bittner, CISSP Arizona Public Service Palo Verde Nuclear Generating Station The Challenge: Commercial generation facilities must identify
More informationCertified Digital Forensics Examiner
Certified Digital Forensics Examiner Course Name: CDFE V6.0 Duration: Language: 5 days English Format: Instructor-led (Lecture and Lab) Prerequisite: Experience in using a computer Student Materials: Student
More information