Live Data Acquisition and Analysis (Memory Forensics)

“Live Forensics is a rapidly growing and evolving field, clearly training and education on the processes required to successfully perform live forensics and analysis are top priorities for both the public and private sector in the coming year. Lance Mueller, Mike Webber, and the rest of the team at BitSec Forensics are clearly leaders in the forensics training industry, it’s a great privilege to have them as the first official training partner,” says Matthew Shannon, Founder and Chief Architect of the F-Response software.

“When my job as a U.S. Secret Service Agent computer forensics examiner requires collecting volatile data, it will be done with confidence gained from attending this course.” (Secret Service Forensic Analyst)

In BitSec’s exclusive two-day Live Data Acquisition and Analysis course, participants will learn to recognize, properly seize, and analyze the contents of physical memory (RAM) as well as volatile system data, using both open source and commercially available tools such as Helix, MDD, WinEn, DD, Memoryze, Volatility, F-Response, HBGary Responder, EnCase, and others.

Several practical exercises present a number of different real-life scenarios and give the investigator a chance to practice with the tools in a controlled environment, collecting evidence from local workstations and also over the network.

Emphasis is placed on acquiring useful information that can be extracted from the collected data, as well as on correlating that information with the future static forensics process. This includes information from volatile system data and memory dumps, such as:

Running processes
MFT Records
Documents
Instant message chats
Internet history
Network information and communications
Logged on users
Open file handles
Encrypted containers
Passwords and encryption keys

Each participant will receive an external USB / FireWire hard disk containing open source tools capable of collecting and analyzing physical memory and volatile system data.

For more information, contact a BitSec training professional toll free at (877) 272-1417 or by email at info(at)bitsecforensics(dot)com.

 