Learn your way! Get started

Forensic investigator, Part 9: Cloud and Web Forensics

with expert David Bigger


Watch trailer


Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date 5/16/2018
Level Intermediate
Runtime 1h 42m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included


Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More



Course description

The Cloud is everywhere and along with it comes unique challenges for an investigator such as Infrastructure as a service, jurisdictional issues, data locations and web applications. Who owns the data? is it in the same country? how do you find it? This course will guide you through some of these challenges, threats and pitfalls of investigating in the cloud.

Prerequisites

This is part 9 of the series.

Meet the expert

David Bigger David Bigger is the lead trainer at Bigger IT Solutions. He has been information technology for a little over 20 years and has been training all over the US. He has worked with companies like US Military, Lockheed Martin, General Dynamics, Dominos Pizza, University of Utah and Expedia


Course outline



Cloud and Web Forensics

Cloud Review (16:58)
  • Introduction (00:18)
  • Cloud Review (05:45)
  • Cloud Review (Cont.) (00:47)
  • IaaS (02:26)
  • PaaS (01:58)
  • SaaS (02:06)
  • Deployment Models (02:28)
  • Cloud Forensics (00:51)
  • Summary (00:15)
Cloud Threats (13:56)
  • Introduction (00:22)
  • Cloud Computing Threats (02:22)
  • Insecure Interfaces and APIs (02:23)
  • Malicious Insiders (01:09)
  • Policy and Procedure Differences (01:22)
  • Isolation Failure (01:45)
  • Cloud Provider Acquisition (01:16)
  • Subpoena and E-Discovery (01:39)
  • VM-Level Attacks (01:16)
  • Summary (00:17)
Challenges (13:29)
  • Introduction (00:22)
  • Challenges to Cloud Forensics (06:21)
  • Challenges to Cloud Forensics (Cont.) (04:11)
  • More Challenges to Cloud Forensics (02:15)
  • Summary (00:17)
Dropbox Example (08:27)
  • Introduction (00:17)
  • Dropbox Forensic Example (01:02)
  • Dropbox (00:54)
  • Dropbox Version History and Events (02:40)
  • Dropbox Settings (02:31)
  • Dropbox and Forensic Tools (00:44)
  • Summary (00:16)
Web Application Review (05:41)
  • Introduction (00:24)
  • Web Application Review (01:56)
  • Web Application Layers (03:06)
  • Summary (00:13)
Web Threats (13:20)
  • Introduction (00:22)
  • Web Application Threats (02:31)
  • Types of Threats (05:32)
  • More Types of Threats (04:34)
  • Summary (00:18)
Investigation Steps (09:37)
  • Introduction (00:23)
  • Investigative Steps to Follow (00:56)
  • Beginning Investigation Steps (01:22)
  • More Investigation Steps (03:21)
  • Further Investigation Steps (01:41)
  • Final Investigation Steps (01:28)
  • Summary (00:23)
Windows Investigation (11:58)
  • Introduction (00:21)
  • Windows-Based Investigation (00:48)
  • Logs (02:55)
  • Command Line Tools (01:34)
  • Command Line Tools to Run (Cont.) (02:47)
  • More Command Line Tools (03:12)
  • Summary (00:19)
Linux Investigation (08:53)
  • Introduction (00:22)
  • Linux-Based Investigation (01:37)
  • Apache Logs (01:24)
  • Error and Access Logs (01:39)
  • Common Log Format (03:30)
  • Summary (00:18)