Learn your way! Get started

Forensic Investigator Advanced

with David Bigger


Course at a glance


Release date 5/10/2018
Level
Runtime 3h 7m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams N/A


Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More



Course description

The third installment of the Forensic investigator series

Prerequisites

Parts 1 through 8 of Forensics Investigator.

Meet the

David Bigger David Bigger is the lead trainer at Bigger IT Solutions. He has been information technology for a little over 20 years and has been training all over the US. He has worked with companies like US Military, Lockheed Martin, General Dynamics, Dominos Pizza, University of Utah and Expedia


Course outline



Cloud and Web Forensics

Cloud Review (16:58)
  • Introduction (00:18)
  • Cloud Review (05:45)
  • Cloud Review (Cont.) (00:47)
  • IaaS (02:26)
  • PaaS (01:58)
  • SaaS (02:06)
  • Deployment Models (02:28)
  • Cloud Forensics (00:51)
  • Summary (00:15)
Cloud Threats (13:56)
  • Introduction (00:22)
  • Cloud Computing Threats (02:22)
  • Insecure Interfaces and APIs (02:23)
  • Malicious Insiders (01:09)
  • Policy and Procedure Differences (01:22)
  • Isolation Failure (01:45)
  • Cloud Provider Acquisition (01:16)
  • Subpoena and E-Discovery (01:39)
  • VM-Level Attacks (01:16)
  • Summary (00:17)
Challenges (13:29)
  • Introduction (00:22)
  • Challenges to Cloud Forensics (06:21)
  • Challenges to Cloud Forensics (Cont.) (04:11)
  • More Challenges to Cloud Forensics (02:15)
  • Summary (00:17)
Dropbox Example (08:27)
  • Introduction (00:17)
  • Dropbox Forensic Example (01:02)
  • Dropbox (00:54)
  • Dropbox Version History and Events (02:40)
  • Dropbox Settings (02:31)
  • Dropbox and Forensic Tools (00:44)
  • Summary (00:16)
Web Application Review (05:41)
  • Introduction (00:24)
  • Web Application Review (01:56)
  • Web Application Layers (03:06)
  • Summary (00:13)
Web Threats (13:20)
  • Introduction (00:22)
  • Web Application Threats (02:31)
  • Types of Threats (05:32)
  • More Types of Threats (04:34)
  • Summary (00:18)
Investigation Steps (09:37)
  • Introduction (00:23)
  • Investigative Steps to Follow (00:56)
  • Beginning Investigation Steps (01:22)
  • More Investigation Steps (03:21)
  • Further Investigation Steps (01:41)
  • Final Investigation Steps (01:28)
  • Summary (00:23)
Windows Investigation (11:58)
  • Introduction (00:21)
  • Windows-Based Investigation (00:48)
  • Logs (02:55)
  • Command Line Tools (01:34)
  • Command Line Tools to Run (Cont.) (02:47)
  • More Command Line Tools (03:12)
  • Summary (00:19)
Linux Investigation (08:53)
  • Introduction (00:22)
  • Linux-Based Investigation (01:37)
  • Apache Logs (01:24)
  • Error and Access Logs (01:39)
  • Common Log Format (03:30)
  • Summary (00:18)

Mobile Forensics and Reports

Mobile Overview (12:49)
  • Introduction (00:21)
  • Mobile Forensics Overview (03:30)
  • Mobile Forensics Overview (Cont.) (03:52)
  • Mobile Hardware and Software (01:59)
  • What Investigators Should Know (00:45)
  • Mobile Computing Architectural Layers (02:00)
  • Summary (00:19)
Getting Started (09:02)
  • Introduction (00:18)
  • Getting Started (01:58)
  • Authorization and Policies (01:56)
  • Where to Find Data (01:18)
  • Where to Find Data (Cont.) (01:04)
  • Introduction to the Process (00:27)
  • The Process (01:43)
  • Summary (00:14)
Mobile Tools (22:33)
  • Introduction (00:13)
  • What Can We Use (02:22)
  • Mobile Forensic Tools (00:00)
  • FTK Imager (00:52)
  • ViaExtract and iExplorer (00:51)
  • MOBILedit (00:45)
  • Other SIM Acquisition Tools (00:43)
  • Logical Acquisition Tools (00:44)
  • Physical Acquisition Tools (00:54)
  • File Carvers (00:53)
  • Try Before You Buy (01:24)
  • Demo: MOBILedit Forensic Express (05:03)
  • Demo: Creating a Report (03:23)
  • Demo: Report (04:01)
  • Summary (00:16)
Reports (12:55)
  • Introduction (00:21)
  • What Is a Forensic Report (00:47)
  • Reporting (02:59)
  • Reporting Continued (00:48)
  • Report Sections: Title Page and Table of Contents (00:34)
  • Report Sections: Summary and Objectives (00:59)
  • Report Sections: Evidence Analyzed and Steps Taken (01:26)
  • Report Sections: Relevant Findings and Timeline (01:18)
  • Report Sections: Conclusion, Signature, Exhibits (01:12)
  • Types of Reports (02:09)
  • Summary (00:15)
Recommendations (08:55)
  • Introduction (00:21)
  • The Report (00:49)
  • Report Recommendations (03:06)
  • Report Recommendations (Cont.) (01:56)
  • More Report Recommendations (02:30)
  • Summary (00:11)
Report Examples (18:28)
  • Introduction (00:18)
  • Report Examples (03:14)
  • Using Templates (01:25)
  • Demo: Report Background (02:36)
  • Demo: Report Types (05:21)
  • Demo: HTML Report (05:16)
  • Summary (00:14)