BitSec Forensics’ exclusive two-day Live Data Acquisition and Analysis course will teach participants to recognize, properly seize, and analyze physical memory (RAM) and volatile system data, using both open source and commercially available tools such as: Helix3 Pro, Live Response, MDD, Winen, Fast Dump, Memoryze, Volatility, HB Gary Responder Field Edition, F-Response, EnCase, and more.

Register 45 days in advance and receive a FREE COPY OF HELIX3 PRO, a $129 value.

Practical exercises will be conducted to present a number of real-life scenarios giving the investigator hands on practice with the tools in a controlled environment. Evidence will be collected from local workstations as well as over the network.

Emphasis is placed on acquiring useful information that can be extracted from the collected data, as well as correlating that information with the future static forensic process. This includes information from volatile system data and memory dumps, including:

• Running processes
• MFT records
• Documents
• Instant message chats
• Internet History
• Network information and communications
• Logged on users
• Open file handles
• Encrypted containers
• Passwords and Encryption Keys

Interested in hosting this course at your location? Hosts receive a free seat in exchange for providing the venue. Contact training(at)bitsecforensics(dot)com for more information.