Join Sandra Toner for an in-depth discussion in this video Recovering evidence from a cellular phone, part of Learning Computer Security Investigation and Response.
- In this video, we'll cover artifacts…that can be found on a cell phone.…A forensic investigator that works with cell phones…is going to need an understanding…of basic GSM communication.…That's the global system for mobile communications.…Particularly, there are databases, like the HLR,…the Home Location Register,…which contains subscriber data.…They'll also need to have a good grasp…of cell phone hardware, like the SIM card or the PUK,…the personal unlocking code, which is used…to reset a forgotten password.…
It's also useful to have a broad understanding…of different operating systems used on mobile devices.…iOS and Android are among the most popular.…However, you may also encounter Windows…or Blackberry operating systems on mobile devices.…So, what can you get from a cell phone?…Well, first of all, you can get call history.…That can yield some pretty good evidence.…In addition, you can get e-mail messages and text messages.…A mobile phone will also provide GPS details.…
You can get important network information.…
Author
Sandra Toner
Released
12/16/2015This course covers the basics of computer forensics and cyber crime investigation. Author Sandra Toner provides an overview of forensic science, and discusses best practices in the field and the frameworks professionals use to conduct investigations. Then, after showing how to set up a simple lab, Sandra describes how to respond to a cyber incident without disturbing the crime scene. She dives deep into evidence collection and recovery, explaining the differences between collecting evidence from Windows, Mac, and Linux machines. The course wraps up with a look at some of the more commonly used computer forensics software tools.
- Applying science to digital investigations
- Understanding forensic frameworks
- Defining cyber crime: harassment, hacking, and identity theft
- Setting up a forensic lab
- Responding to cyber incidents
- Collecting and recovering evidence
- Examining networks for evidence
- Applying forensics to Windows, Mac, and Linux
- Working with forensics tools
Skill Level Beginner
Duration
Views
-
Introduction
-
Welcome33s
-
-
1. Understanding Forensic Science
-
Identifying digital evidence2m 20s
-
2. Defining Cyber Crime
-
Classifying cyber crime1m 52s
-
Defining identity theft3m 35s
-
Examining cyber harassment4m 28s
-
-
3. Setting Up a Forensic Lab
-
Building a knowledgebase2m 43s
-
Working with evidence1m 28s
-
Equipping the lab1m 23s
-
Selecting forensic software2m 50s
-
-
4. Responding to a Cyber Incident
-
Discovering an incident2m 59s
-
Preserving evidence2m 9s
-
Reporting cyber incidents4m 28s
-
-
5. Collecting Evidence
-
Following protocol2m 25s
-
Storing evidence2m 28s
-
Imaging evidence1m 59s
-
-
6. Recovering Evidence
-
Finding hidden data4m 44s
-
Resurrecting data2m 36s
-
Working with damaged media2m 39s
-
Viewing browser history2m 11s
-
-
7. Network-Based Evidence
-
Checking out firewall logs1m 17s
-
Detecting network intrusion2m 10s
-
Examining router evidence1m 42s
-
-
8. Windows Forensics
-
Finding Windows directories1m 54s
-
9. Macintosh Forensics
-
Applying forensics to a Mac3m 17s
-
Checking out Mac logs2m 2s
-
Finding Mac directories1m 40s
-
-
10. Linux Forensics
-
Checking out Linux log files3m 40s
-
Finding Linux directories2m 28s
-
11. Forensic Tools
-
Conclusion
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Recovering evidence from a cellular phone