Computer forensics is a broad concept that refers mainly to crimes committed with the use of computers. Various laws have been passed against cybercrime, but it still exists and the guilty parties are difficult to find due to the lack of physical evidence. This challenge can be overcome with the help of computer forensics.

Objective

The objective of this lab is to find Windows event logs, Windows processes, search key values and data in Windows, using Windows log analysis and file analysis forensic tools. Accomplishing this task includes:
Learn about Network Enumeration
  • Viewing system information and memory processes
  • Viewing disk raw sectors
  • Verifying the integrity of files
  • Creating drive images
  • Recovering deleted files and viewing cookies
  • Scanning for pictures

Scenario

A computer forensics examiner, Steve, called to investigate the laptop of a 26-year-old man who was arrested. Steve started searching the contents of the laptop. He started his investigation on Windows® event logs and processes using various Windows forensic tools. He checked all the registries, event logs, and processes for evidence of any crimes. During the investigation, he found the paths for several images and videos of child pornography. He checked all the images and confirmed the existence of child pornography on the laptop. Other evidence on the laptop confirmed that the man in custody was its primary user.

Windows Forensics Exercises

Computer Forensics Exercises / Windows Forensics contains the following Exercises:

  • Discovering and Extracting Hidden Forensic Material on Computers Using OSForensics
  • Extracting Information about Loaded Processes Using Process Explorer
  • Viewing, Monitoring, and Analyzing Events Using the Event Log Explorer Tool
  • Performing a Computer Forensic Investigation Using the Helix Tool

The Virtual Private Cloud for this Lab set utilizes:


Computer Forensics Exercises are available as part of the following subscription:

CEHproductimage
Each subscription provides 6 months access to 34 Different Exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise. The Computer Forensics Exercises are designed to give the user an ultimate hands-on experience. Each exercise category above has it’s own Virtual Private Cloud that comes preconfigured with Vulnerable websites, Victim Machines, and the environment is LOADED with tools, we even provide investigation files, hard disk clones and targets. Included in your network share are all the supporting tools required to practice in the Cyber Range / Lab environment.

Lab exercises are included for:

  • Computer Forensics Investigation Process
  • Computer Forensics Lab
  • Understanding Hard Disks and File Systems
  • Windows Forensics
  • Data Acquisition and Duplication
  • Recovering Deleted Files and Partitions
  • Forensics Investigation Using AccessData FTK
  • Forensics Investigation Using EnCase
  • Steganography and Image File Forensics
  • Application Password Crackers
  • Log Capturing and Event Correlation
  • Network Forensics, Investigating Logs and Investigating Network Traffic
  • Investigating Wireless Attacks
  • Tracking & Investigating Email Crimes
  • Mobile Forensics
  • Investigative Reports
Price: $199
Add to Cart
View Cart