Themabewertung:
  • 0 Bewertung(en) - 0 im Durchschnitt
  • 1
  • 2
  • 3
  • 4
  • 5
SANS - FOR500: Windows Forensic Analysis
#1
[Bild: 5e4feb0091c58fcc04d80265d8b0681a.jpg]

SANS - FOR500: Windows Forensic Analysis
Language: English | Video: H264 1280x1080 | Audio: AAC 16 kHz mono | Duration: 39h 35m | 80.7 GB

FOR500: Windows Forensic Analysis will teach you to:

Conduct in-depth forensic analysis of Windows operating systems and media exploitation on Windows XP, Windows 7, Windows 8/8.1, Windows 10, Windows 11 and Windows Server products.

Identify artifact and evidence locations to answer crucial questions, including application execution, file access, data theft, external device usage, cloud services, device geolocation, file download, anti-forensics, and detailed system and user activity.
Become tool-agnostic by focusing your capabilities on analysis instead of how to use a particular tool.
Extract critical findings and build an in-house forensic capability via a variety of free, open-source, and commercial tools provided within the SANS Windows SIFT Workstation.

FOR500 starts with an intellectual property theft and corporate espionage case that took over six months to create. You work in the real world, so your training should include real-world practice data. Our instructor course development team used incidents from their own investigations and experiences to create an incredibly rich and detailed scenario designed to immerse students in an actual investigation. The case demonstrates the latest artifacts and technologies an investigator might encounter while analyzing Windows systems. The detailed workbook teaches the tools and techniques that every investigator should employ step by step to solve a forensic case. The tools provided can be used long after the end of class.

Please note that this is an analysis-focused course; FOR500 does not cover the basics of evidentiary handling, the "chain of custody," or introductory drive acquisition. The course authors update FOR500 aggressively to stay current with the latest artifacts and techniques discovered. This course is perfect for you if you are interested in in-depth and current Microsoft Windows Operating System forensics and analysis for any incident that occurs. If you have not updated your Windows forensic analysis skills in the past three years or more, this course is essential.

CONTENT

- 1x eBook Exercise Workbook Section 1 & 2
- first ISO: "500.21.1B hide01.ir.iso" -> Stack Memory Challenge (data to analyze using during exercise)
- second ISO: "500.21.2A hide01.ir.iso" -> SIFT Workstation (VM) + Tools

[Bild: 535733078_day-1_s.jpg]



Zitieren


Nachrichten in diesem Thema
SANS - FOR500: Windows Forensic Analysis - von Panter - 24.11.2024, 18:05

Möglicherweise verwandte Themen…
Thema Verfasser Antworten Ansichten Letzter Beitrag
  Créer Son Application Mobile Sans Savoir Coder Avec Glide Panter 0 151 16.10.2023, 21:04
Letzter Beitrag: Panter
  Technical Analysis Masterclass How To Use Technical Analysis by Thomas Boleto enterprises113 0 252 10.07.2022, 12:02
Letzter Beitrag: enterprises113
  The Complete Technical Analysis Course (2022) by Bitcoin Analysis enterprises113 0 245 06.06.2022, 15:50
Letzter Beitrag: enterprises113
  SANS - FOR500: Windows Forensic Analysis Panter 0 259 24.03.2022, 09:43
Letzter Beitrag: Panter
  SANS - FOR498: Battlefield Forensics & Data Acquisition Panter 0 276 23.03.2022, 20:32
Letzter Beitrag: Panter
  Intro to Forensic Science Panter 0 263 27.12.2021, 12:49
Letzter Beitrag: Panter

Gehe zu:


Benutzer, die gerade dieses Thema anschauen: 1 Gast/Gäste
Expand chat