Forensics investigation involves the acquisition, preservation, analysis, and presentation of computer evidence. This type of evidence is fragile in nature and can easily, even inadvertently be altered, destroyed, or rendered inadmissible as evidence. Computer evidence must be properly obtained, preserved, and analyzed to be accepted as reliable and valid in a court of law.

Objective

The objective of this lab is to provide expert knowledge about the AccessData FTK used in computer forensics.
Forensics Investigation Using AccessData FTK

Scenario

James Smith is an employee of a reputed forensic investigation firm. He has been hired by a private organization to investigate a cybercrime scene. As an expert computer forensic investigator, he has to acquire, preserve, analyze, and present valid evidence in a court of law.

Forensics Investigation Using AccessData FTK

Incident Handling Exercises / Forensics Investigation Using AccessData FTK contains the following Exercises:

  • Investigating a Case Using AccessData FTK

The Virtual Private Cloud for this Lab set utilizes:


Incident Handling Exercises are available as part of the following subscription:

CEHproductimage
Each subscription provides 6 months access to over 75 Different Exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise.

Lab exercises are included for:

  • Trojans and Backdoors
  • Computer Forensics Investigation Process
  • Understanding Hard Disks and File Systems
  • Forensics Investigation Using AccessData FTK
  • Forensics Investigation Using EnCase
  • Log Capturing and Event Correlation