Join Mike Chapple for an in-depth discussion in this video, Digital forensics toolkit, part of CySA+ Cert Prep: 3 Cyber Incident Response.
- [Instructor] Forensics work is complex and requires access to a robust digital forensics toolkit. You'll need to begin with a digital forensic workstation. When you're selecting hardware to use for forensics, be sure to choose a system that has quite a bit of RAM and a powerful CPU. Both of these will be invaluable when performing the computationally intensive process of processing evidence and calculating hash values. You'll also want a system with plenty of onboard hard disc space for storing intermediate analyses.
Your forensic workstation should be loaded with the forensic software of your choice. You'll need a forensic analysis tool, such as EnCase, FTK, or Helix. These are robust suites of forensic tools that dramatically speed up the analysis process. They can consume images and other forensic artifacts and quickly process them, pulling out relevant information for your analysis. You'll also want to have access to cryptographic tools. These include hashing utilities, such as md5sum and shasum, as well as encryption tools that you can use…
Released 5/21/2018
Want more CySA+ test prep tips? Visit certmike.com to join Mike's free study group.
- Identifying and classifying security incidents
- Determining incident severity
- Building an incident response program
- Notification, mitigation, recording, and reporting
- Incident symptoms
- Conducting forensic investigations
- Password, network, software, and device forensics
Skill Level Intermediate
Introduction
- Welcome (3m 32s)
1. Assessing Incidents
- Threat classification (4m 5s)
2. Incident Response Process
- Incident communications plan (2m 51s)
- Incident identification (4m 2s)
- Escalation and notification (2m 42s)
- Mitigation (2m 46s)
- Containment techniques (3m 21s)
- Validation (2m 20s)
3. Incident Symptoms
- Network symptoms (4m 2s)
- Endpoint symptoms (2m 55s)
- Application symptoms (2m 20s)
4. Forensic Investigations
- Evidence types (3m 51s)
- System and file forensics (4m 17s)
- Creating forensic images (5m 36s)
- Digital forensics toolkit (3m 13s)
- Password forensics (8m 9s)
- Network forensics (4m 19s)
- Software forensics (3m 32s)
- Mobile device forensics (1m 32s)
- Embedded device forensics (2m 50s)
- Chain of custody (2m 13s)
Next Steps
- Next steps (43s)