Astraios Courses

System forensics  

Description

Description: Digital forensics fundamentals tied to evidence acquisition, memory acquisition and unstructured analysis. File systems FAT , Fat 32 NTFS , HPFS , Ext4 in analysis perspective. USB device analysis, system and local domain file analysis. String search, data carving, and e-mail forensics. Registry and log files analysis. Web browser forensics. Different file content (documents, photos and so on) and metadata analysis. Smartphone forensics fundamentals. Timeline creation and analysis. Learning outcomes: Can form hypotheses for investigative analysis - Knows how to perform proper forensic analysis by applying key analysis techniques covering different operating systems - Is able to use freely available and open tools for evidence acquisitions and analysis - Can establish last usage timeline trough system log and log footprints - Can find some deleted data and keep the chain of evidence

Delivery mode

Presential
English

Name

System forensics
English

UNIVERSITY OF TWENTE

Faculty of Geo-Information Science and Earth Observation

Astraios home page

Funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or HaDEA. Neither the European Union nor the granting authority can be held responsible for them. The statements made herein do not necessarily have the consent or agreement of the ASTRAIOS Consortium. These represent the opinion and findings of the author(s).