Course not currently available
Digital Forensics using Open Source Tools
Short course
In Bedfordshire ()
Description
-
Type
Short course
Course structure A one week course with a substantial amount of practical sessions in a dedicated forensic computing lab. The sessions will be taught by a variety of lecturing staff with both academic and practitioner based backgrounds.
Reviews
Subjects
- Linux
Course programme
On successful completion of this course, those attending should be able to:
- Compare and contrast the primary operating system platform choices from a forensic examination perspective
- Summarise and compare the range and capability of relevant tools available in the open source community
- Use and navigate a Linux system
- Apply standard Linux features, including the command shell and core utilities, to manage data and files in a forensic examination
- Securely and efficiently transfer data to and from a Linux system
- Apply core open-source forensic tools to forensic examinations
- Construct a complete forensic processing chain from open-source components, and assess its suitability for a forensic examination.
Core content
- Linux Kernels, distributions, graphical environments
- Unix platforms
- Licensing and support
- Installing and configuring Linux and Linux applications
- File system layout, system management and security concepts
- Accessing devices, partitions, and file systems
- Using a desktop (GUI) environment, and common desktop applications
- Using the shell and common command-line utilities
- Import, export, and cloning of disk images
- Working with split, compressed or encrypted images
- Advanced Forensic Format (AFF) – extensible open format for forensic image data
- Standard Unix features for data management and analysis
- Tools for basic process functions, such as viewing, converting, cryptographic hashing
- Identification and acquisition of disks and partitions
- Search concepts, including grep, find, and regular expressions
- NSRL known-good databases for file exclusion
- Analysis and carving tools
- Identifying and using open source tools
- Using scripting to automate processes and combine tools
- Forensic issues within the workflow, including repeatability and validity
- Managing and preserving evidence.
Digital Forensics using Open Source Tools