While investigating a computer-based crime, it is important to understand hard disks and filesystems, as these are the major sources of data storage. People usually delete their tracks after committing a crime with a computer in order to avoid being traced. That is why recovering the deleted files of hard disks and analyzing filesystems is important when investigating a computer-based crime.

Objective

The objective of this lab is to help the students understand how to:
Learn about Network Enumeration
  • Recover files deleted from a hard disk
  • Analyze the file systems

Scenario

Sam, a security professional, discovered that one of the employees at his company was gathering crucial, confidential information about the company and saving it on his/her computer so that he/she could use it for an illicit purpose. Sam immediately started checking each of his employee's computers in order to identify the dishonest individual. In order to avoid being caught, the employee permanently deleted all the gathered information.

 

Sam called a forensics investigator to launch an investigation. After listening to Sam explain the situation, the investigator decided to analyze the filesystems in an attempt to recover the deleted files to catch the dishonest employee.


Understanding Hard Disks and File Systems

Computer Forensics Exercises / Understanding Hard Disks and File Systems contains the following Exercises:

  • Recovering Deleted Files from Hard Disks Using WinHex
  • Analyzing File System Types Using The Sleuth Kit (TSK)

The Virtual Private Cloud for this Lab set utilizes:


Computer Forensics Exercises are available as part of the following subscription:

CEHproductimage
Each subscription provides 6 months access to 34 Different Exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise. The Computer Forensics Exercises are designed to give the user an ultimate hands-on experience. Each exercise category above has it’s own Virtual Private Cloud that comes preconfigured with Vulnerable websites, Victim Machines, and the environment is LOADED with tools, we even provide investigation files, hard disk clones and targets. Included in your network share are all the supporting tools required to practice in the Cyber Range / Lab environment.

Lab exercises are included for:

  • Computer Forensics Investigation Process
  • Computer Forensics Lab
  • Understanding Hard Disks and File Systems
  • Windows Forensics
  • Data Acquisition and Duplication
  • Recovering Deleted Files and Partitions
  • Forensics Investigation Using AccessData FTK
  • Forensics Investigation Using EnCase
  • Steganography and Image File Forensics
  • Application Password Crackers
  • Log Capturing and Event Correlation
  • Network Forensics, Investigating Logs and Investigating Network Traffic
  • Investigating Wireless Attacks
  • Tracking & Investigating Email Crimes
  • Mobile Forensics
  • Investigative Reports
Price: $199
Add to Cart
View Cart