YoVDO

Operating System Forensics

Offered By: LinkedIn Learning

Tags

Digital Forensics Courses, Linux File System Courses, Memory Dump Analysis Courses

Course Description

Overview

Learn the fundamentals of operating system forensics. Find out how to recover evidence from the operating system of any computer.

Syllabus

Introduction
  • Operating system forensics
1. Operating Systems and Digital Forensics
  • Introduction
  • History
  • Core concepts
  • Roles in computing
  • Process management hands-on
  • Roles in forensics
  • Future
2. File System Types
  • Introduction
  • Windows file systems
  • Windows hands-on
  • Linux file systems
  • Linux hands-on
  • Apple file systems
  • Apple hands-on
3. File Recovery
  • Introduction
  • Data carving
  • Data carving preparation
  • Data carving hands-on
  • Slack space
  • Data hiding and ADS
  • Data hiding hands-on
4. Live Acquisition
  • Introduction
  • Addressing
  • Memory structure
  • Virtual memory
  • Memory dump analysis with Volatility
  • Processes
  • Network connections
  • Challenge
  • Solution
Conclusion
  • Next steps

Taught by

Jungwoo Ryoo
