IT-Forensik (ITF)
Quem deve participar
- IT-Security appointees
- EDV Revisors
- Members of Incident Response Teams
- Participants of the Security/Hacking Curriculum
Pré- requisitos
- Basic knowledge about Microsoft Windows
- Basic knowledge about datasystems (directories, files)
- Knowledge about the commandrow (“DOS level”) are advantegous
- Knowledge about the Security/Hacking Curriculum are advantegous
Objetivos do Curso
Computer are well-established in our modern society. We entrust them with sensitive data and rely on accessing the data anytime. Unfortunately computer getting more and more abused by „Console-Cowboys“ who hack into external servers or by employees who want to get an advantage og knowledge. This course shows:
- the right incident response techniques against computer abuse
- how to identify possible evidence and to transport them appropriately
- which mechanisms log incidents and user activities in Microsoft Windows Operating Systems
- which programs were run on the computer
- which files were edited at which time
- how deleted data can be reconstructed
This product-neutral course contains various practical exercises and deals working techniques, processes and data structures. The knowlege learned in this course can be used in any commercial and non-commercial Forensik software.
Conteúdo do curso
- Incident Response Process as basis IT forensic
- Behaviour at the a the crime scene
- Workflow of a forensic analysis
- Structure and workflow of hard disks
- Partitions
- Overview: Data systems
- Analysis on Windows Computers
- Data structures of the FAT data system
- Overview: NTFS data systems
- Protocol file in the registry
- Evalutation of network traffic
- Smart phones and PDAs
- Market overview: Commercial Forensic software
- Exploitation of won cognition
Duração: 5 dias
Click no nome da cidade para reservarAgenda
Europa
Alemanha
2012-10-08 - 2012-10-12
Munich
2012-12-03 - 2012-12-07
Düsseldorf