Incident Handling Exercises


Log Capturing and Event Correlation

Every device on a network generates some kind of logs for each and every action carried out on the network. Capturing and analyzing the log files are important tasks for investigating the security posture of the target network, as they contain information about all the system, device, and user activities that took place within the [...]

September 4th, 2014|Categories: Incident Handling Exercises

Forensics Investigation Using EnCase

EnCase® Forensic solution lets examiners acquire data from a wide variety of devices, unearth potential evidence with disk-level forensic analysis, and craft comprehensive reports on their findings, all while maintaining the integrity of their evidence. [...]

September 4th, 2014|Categories: Forensics Investigation Using EnCase, Incident Handling Exercises

Forensics Investigation Using AccessData FTK

Forensics investigation involves the acquisition, preservation, analysis, and presentation of computer evidence. This type of evidence is fragile in nature and can easily, even inadvertently, be altered, destroyed, or rendered inadmissible as evidence. Computer evidence must be properly obtained, preserved, and analyzed to be accepted as reliable and valid in a court of law. [...]

September 4th, 2014|Categories: Forensics Investigation Using AccessData FTK, Incident Handling Exercises

Understanding Hard Disks and File Systems

While investigating a computer-based crime, it is most important to understand hard disks and filesystems, as these are the major sources of data storage. People usually delete their tracks after committing a crime with a computer in order to avoid being traced. That is why recovering the deleted files of hard disks and analyzing filesystems [...]

September 4th, 2014|Categories: Incident Handling Exercises

Computer Forensics Investigation Process

The computer forensics investigation process is a methodological approach of preparing for an investigation, collecting and analyzing digital evidence, and managing the case from the reporting of the crime until the case's conclusion. Recovering deleted file from hard disk; Viewing disk raw sectors; Using encrypting command; Generating hashes and checksum [...]

September 4th, 2014|Categories: Computer Forensics Investigation Process, Incident Handling Exercises

Trojans and Backdoors

A Trojan is a program that contains malicious or harmful code inside apparently harmless programming or data in such a way that it can get control and cause damage, such as ruining the file allocation table on a hard disk. With the help of a Trojan, an attacker gets access to stored passwords in a [...]

September 4th, 2014|Categories: Incident Handling Exercises, Trojans and Backdoors

Incident Handling Exercises

Incident Handling Exercises are available as part of the following subscription: Each subscription provides 6 months of access to over 75 different exercises. Each exercise contains a Scenario, Objectives, and individual step-by-step tasks to guide the user through all steps necessary to complete the exercise. Lab exercises are included for: Trojans and Backdoors [...]

September 3rd, 2014|Categories: Incident Handling Exercises