supertechguy.com

supertechguy.com

Forensics Fundamentals IT Forensics Fundamentals. In this class we will cover the basics of forensics procedures: Phases of Computer Evidence Collection Preservation Filtering Presentation Physical Scene Search Documentation Seizure Understanding Evidence Gathering Handling Documenting Rules of Evidence Evidence Dynamics Interviews Questions that should be asked Documenting interviews Volatile Data and Computer State When to cleanly shutdown When to pull the plug When volatile data must be captured Digital Images Creating digital images that are forensicly sound Documenting digtial images Searching slack space Carving files Understanding Metadata Building a Case Documenting results Building a report Slides: IT Forensic Fundamentals Open IT Forensic Fundamentals Files: Forensics Fundamentals Drive