Windows Host Forensics

Windows Host Forensics

Main Speaker:

Tracks:

After Event Workshops
cyber

Seminar Categories:

After Event Cyber
After Event Workshops
After Event Workshops
Cyber
Cyber

Course ID:

43768

Date:

12.07.2020

Time:

Daily seminar
9:00-16:30

43760

Overview

This course focuses on building in-depth digital forensics knowledge of the Microsoft Windows operating systems. You can’t protect what you don’t understand, and understanding forensic capabilities and artifacts is a core component of information security. You’ll learn to recover, analyze, and authenticate forensic data on Windows systems.

Who Should Attend

  • Workers in IT industry
  • Workers in information security industry
  • Workers in SOC teams
  • Anyone who interested in information security industry

Prerequisites

  • Basic knowledge in PC environment
  • Basic knowledge in Windows OS environment

Course Contents

  • Hash – digital signature
    • The use of hash for forensics
    • Different kinds of hash
  • Startup files
    • Msconfig
    • Autostart
    • Task manager
  • Mastering windows tools
    • Chkdsk
    • Defragment
    • Task list
  • Formatting vs. wiping
    • Different methods and tools
    • Demo: close up into drive formatting
  • Restoring files
    • Hard disk
      • Deleted files
      • Fragmented files
      • Hidden files
    • Memory
      • Extracting data from RAM
      • sys
      • Swap file
      • Registry files

 



DevGeekWeek 2020





By entering your email address, you agree that John Bryce training will use it for marketing purposes, emails and newsletter, as well as promotional offers and announcements, according to John Bryce training & Matrix group privacy policy. Your data will be saved in our computerized database, number 700019285. You can unsubscribe at any time by mailing infomail@johnbryce.co.il or by calling 03-7100777.

Contact

DevGeekWeek 2020





By entering your email address, you agree that John Bryce training will use it for marketing purposes, emails and newsletter, as well as promotional offers and announcements, according to John Bryce training & Matrix group privacy policy. Your data will be saved in our computerized database, number 700019285. You can unsubscribe at any time by mailing infomail@johnbryce.co.il or by calling 03-7100777.

Skip to content