From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response
Unlock the full course today
Join today to access over 22,400 courses taught by industry experts or purchase this course individually.
Introduction to forensics
From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response
Introduction to forensics
- [Instructor] When asked to participate in the evaluation of electronic evidence as part of an investigation, security professionals engage in digital forensics. The goal of digital forensics is to collect, preserve, analyze, and interpret digital evidence artifacts in support of an investigation. This includes everything from pulling data from a smartphone or laptop, to analyzing network traffic logs. Digital forensic investigators have a wide variety of tools and techniques at their disposal, and they must follow some basic principles when they're working with evidence. One of the most important guiding principles of any forensic science is that investigators must never take any action that alters the evidence itself and may lead to future misinterpretation. This is easy to understand when applied to physical forensics. Investigators should wear gloves at a crime scene and avoid contaminating samples with their own…
Contents
-
-
-
-
-
-
Conducting investigations3m 50s
-
Evidence types3m 28s
-
Introduction to forensics3m 21s
-
System and file forensics4m 26s
-
File carving3m 46s
-
Creating forensic images5m 30s
-
Digital forensics toolkit2m 25s
-
Operating system analysis6m 9s
-
Password forensics7m 16s
-
Network forensics4m 1s
-
Software forensics4m 25s
-
Mobile device forensics1m 10s
-
Embedded device forensics2m 30s
-
Chain of custody1m 50s
-
Ediscovery and evidence production3m 3s
-
Exploitation frameworks6m 4s
-
-