Forensic Investigator, Part 04 of 10: Data and Anti-Forensics

with David Bigger

Dive into data acquisition to discover the differences between live and static acquisitions, as well as to learn about volatile data, or the data that should be acquired first once a system has been determined to be a crime scene. Additionally, explore the various tools and the necessary hardware and software required to carry out a successful investigation. Following an exploration of data acquisition, take a closer look at anti-forensics to understand the techniques criminals may use to make your acquisition more difficult including encryption and file deletion. Then, learn about the countermeasures that can be implemented to overcome acquisition obstacles including password crackers and undelete utilities. This course is part of a series covering the EC-Council Computer Hacking Forensic Investigator (CHFI).

Course Outline