English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 1h 36m | 244 MB
Criminals rely on the intricacies of operating systems like Windows, macOS, and Linux to conceal their activities and hide data. However, a skilled digital forensics expert knows the places to look and the tools to use to access evidence of their crimes. This course covers all the major concepts and tools of the growing field of operating system forensics. Instructor Jungwoo Ryoo (J.R.) reviews the fundamentals: the goals, history, and roles of operating system forensics and the future of the industry. He then shows how to acquire evidence from file systems, slack space, alternate data streams, and main memory. He uses a combination of free and commercial software, so students can practice techniques like file recovery and live acquisition with the tools that are within their budgets.
Table of Contents
Introduction
1 Operating system forensics
Operating Systems and Digital Forensics
2 Introduction
3 History
4 Core concepts
5 Roles in computing
6 Process management hands-on
7 Roles in forensics
8 Future
File System Types
9 Introduction
10 Windows file systems
11 Windows hands-on
12 Linux file systems
13 Linux hands-on
14 Apple file systems
15 Apple hands-on
File Recovery
16 Introduction
17 Data carving
18 Data carving preparation
19 Data carving hands-on
20 Slack space
21 Data hiding and ADS
22 Data hiding hands-on
Live Acquisition
23 Introduction
24 Addressing
25 Memory structure
26 Virtual memory
27 Memory dump analysis with Volatility
28 Processes
29 Network connections
Conclusion
30 Next steps