by Ric Messier | Publisher: Infinite Skills | Release Date: September 2017 | ISBN: 9781491997482

Understanding how to handle digital evidence is an essential skill for the law enforcement professional or corporate investigator tasked with searching a computer system for evidence of crimes and intrusions. This course teaches you the techniques required for acquiring, validating, and protecting digital evidence in order to ensure the evidence is accurate and free from tampering. You'll learn how to use free, open source software utilities to acquire digital evidence from an electronic device; also covered is how to validate and verify the evidence, as well as how to handle and store the evidence. Learners should have experience using command line utilities. Explore a skill set used by professional forensic practitioners Master the ability to acquire data from computer disks and memory Understand how to obtain evidence validation and verify the validation Discover the proper methods for protecting acquired evidence Learn how to ensure accurate, tamper free digital informationRic Messier (GCIH, GSEC, CEH, CISSP) is the Director for Cyber Academic Programs at Circadence. He has decades of information security experience and is the author of dozens of O'Reilly titles on info sec and digital forensics, including "Introduction to Penetration Testing" and "Learning Linux Security". He holds a B.S. in Information Technology from the University of Massachusetts, an MS in Digital Forensic Science from Champlain College, and a Ph.D. in Information Assurance and Security from Capella University.

1. Introduction
   • Welcome To The Course 00:02:14
   • About The Author 00:02:17
   • System Requirements 00:04:36
   • Legal Implications 00:04:06
2. Acquisition And Validation
   • Storage Types 00:04:24
   • Acquisition Using DD 00:04:23
   • DD Parameters 00:03:04
   • Using FTK Imager 00:03:32
   • Using FTK Imager On Windows 00:03:21
   • Hashing - What Gets Hashed 00:04:05
   • Md5Sum 00:03:47
   • Sha1Sum 00:04:07
   • Dcfldd 00:03:23
   • FCVI 00:03:43
   • Quickhash 00:03:38
   • Linux Memory Acquisition 00:02:59
   • Virtual Memory Acquisition 00:04:26
   • Windows Memory Acquisition With DumpIt 00:03:28
   • Windows Memory Acquisition With FTK Imager 00:02:31
   • Linux Memory Acquisition With LIME 00:04:20
   • Android Memory Acquisition With LIME 00:04:20
3. Protection
   • Secure Storage / Physical Protection 00:03:44
   • LUKS 00:03:02
   • VeraCrypt 00:04:51
   • Windows Encryption 00:03:59
   • AES Crypt 00:02:38
   • Whole Disk Encryption 00:04:54
   • Key Management 00:04:37
4. Conclusion
   • Wrap Up And Thank You 00:02:26