The goal of digital forensics is to collect, preserve, analyze, and interpret digital evidence in support of an investigation. This includes everything from pulling data from a smart phone or laptop to analyzing network traffic logs. In this video, learn the basic concepts of computer forensics, including the order of volatility, video capture, recording time offset, using witnesses, and tracking time and expenses.
- [Instructor] Information security professionals…often find themselves asked to participate…in many different types of investigations.…In some cases, these are purely technical investigations…of security incidents or other unusual circumstances.…In other cases, security professionals may be called upon…to assist law enforcement or other authorities…in criminal and civil court cases.…When asked to participate in the evaluation…of electronic evidence,…security professionals engage in a field…known as digital forensics.…
The goal of digital forensics is to collect,…preserve, analyze, and interpret digital evidence…in support of an investigation.…This includes everything from pulling data…from a smart phone or laptop…to analyzing network traffic logs.…Digital forensic investigators have a…wide variety of tools and techniques at their disposal…and must follow some basic principles…when working with evidence.…One of the most important guiding principles…of any forensic science is that investigators…must never take any action that alters the evidence itself…
- Building an incident response program
- Escalation and notification
- eDiscovery process
- Conducting investigations
- System and file forensics
- Reporting and documenting incidents
- Business continuity planning
- Validating backups
- Testing BC/DR plans
Skill Level Intermediate
Q: This course was updated on 06/01/2018. What changed?
A: We updated three videos, covering creating an incident response program, communications plan, and response team.