Description
In this course participants will learn all about incident response and triage procedures: from arriving to the crime scene to the complete triage of data on target machines in just a few minutes. The aforementioned skills are critically important in situations when time is of the essence. In addition, the same procedures can be applied even when performing dead box analysis, when it is a common procedure to mount images and preview the data and then, based on what is visible, perform processing. By utilizing triage procedures overall processing and reporting time can be radically reduced since it is not necessary to analyse all data. Participants will learn how to work with the most popular tools for incident response.
The fundamentals of this class are hands-on with scripting/automating digital forensic problems. Participants will be able to use, build, and develop scripts to elevate extraction and analysis capabilities and to solve some common, as well as challenging forensic related problems. After finishing this course, they will also be able to integrate batch scripts with their everyday tasks and duties, and not only become more efficient but be able to solve more demanding problems. The knowledge gained on this course will accelerate the analysis process because instead of a manual search, simply the scripts can be deployed.
At the end of the course, all participants will take on an exam and after successful completion will be given an official certificate for passing the course.
Prerequisites
To obtain the maximum benefits from this class, students should be able to understand the course curriculum presented in English, perform basic operations on a personal computer, and be familiar with the Microsoft Windows environment.
