Video description
Understanding how to handle digital evidence is an essential skill for the law enforcement professional or corporate investigator tasked with searching a computer system for evidence of crimes and intrusions. This course teaches you the techniques required for acquiring, validating, and protecting digital evidence in order to ensure the evidence is accurate and free from tampering. You'll learn how to use free, open source software utilities to acquire digital evidence from an electronic device; also covered is how to validate and verify the evidence, as well as how to handle and store the evidence. Learners should have experience using command line utilities.
- Explore a skill set used by professional forensic practitioners
- Master the ability to acquire data from computer disks and memory
- Understand how to obtain evidence validation and verify the validation
- Discover the proper methods for protecting acquired evidence
- Learn how to ensure accurate, tamper free digital information
Ric Messier (GCIH, GSEC, CEH, CISSP) is the Director for Cyber Academic Programs at Circadence. He has decades of information security experience and is the author of dozens of O'Reilly titles on info sec and digital forensics, including "Introduction to Penetration Testing" and "Learning Linux Security". He holds a B.S. in Information Technology from the University of Massachusetts, an MS in Digital Forensic Science from Champlain College, and a Ph.D. in Information Assurance and Security from Capella University.
Table of contents
-
Introduction
- Welcome To The Course 00:02:14
- About The Author 00:02:17
- System Requirements 00:04:36
- Legal Implications 00:04:06
-
Acquisition And Validation
- Storage Types 00:04:24
- Acquisition Using DD 00:04:23
- DD Parameters 00:03:04
- Using FTK Imager 00:03:32
- Using FTK Imager On Windows 00:03:21
- Hashing - What Gets Hashed 00:04:05
- Md5Sum 00:03:47
- Sha1Sum 00:04:07
- Dcfldd 00:03:23
- FCVI 00:03:43
- Quickhash 00:03:38
- Linux Memory Acquisition 00:02:59
- Virtual Memory Acquisition 00:04:26
- Windows Memory Acquisition With DumpIt 00:03:28
- Windows Memory Acquisition With FTK Imager 00:02:31
- Linux Memory Acquisition With LIME 00:04:20
- Android Memory Acquisition With LIME 00:04:20
-
Protection
- Secure Storage / Physical Protection 00:03:44
- LUKS 00:03:02
- VeraCrypt 00:04:51
- Windows Encryption 00:03:59
- AES Crypt 00:02:38
- Whole Disk Encryption 00:04:54
- Key Management 00:04:37
-
Conclusion
- Wrap Up And Thank You 00:02:26
Product information
- Title: Evidence Acquisition and Handling
- Author(s):
- Release date: September 2017
- Publisher(s): Infinite Skills
- ISBN: 9781491997475
You might also like
article
Three Ways to Sell Value in B2B Markets
As customers face pressure to reduce costs while maintaining profitability, value-based selling (VBS) has become critical …
article
Reinventing the Organization for GenAI and LLMs
Previous technology breakthroughs did not upend organizational structure, but generative AI and LLMs will. We now …
article
Communicate with Teams More Effectively
This selection of shortcuts will enable you to improve your communication, critical thinking, documentation, and networking …
audiobook
The Year in Tech, 2025
<B>A year of HBR's essential thinking on tech—all in one place.</B><br/><br/><br/><br/>Generative AI, biometrics, spatial computing, electric …
