CI 101 - Secure Techniques for Onsite Previewing (Aug 2018)

Tuesday Aug 07, 2018 - 12:00pm UTC to Wednesday Aug 08, 2018 - 09:00pm UTC
Event Description: 

This course covers the usage and configuration of two tools (Paladin/Autopsy and osTriage) designed to preview a non-mobile digital device and export files of evidentiary value. Day One is designed to preview a non-mobile digital device and export files of evidentiary value from a device that is powered on. Day Two is designed to preview a non-mobile digital device and export files of evidentiary value from a device that is powered off.

Students who bring an external USB hard drive (32GB minimum) will be able to leave with the same setup shown in class. Other topics include a detailed examination of the process of previewing: what previewing is, why and when it should be done, who can conduct a preview, and differences in procedure for starting a preview depending on whether a device is on or off.

Course structure:

  • What is previewing? Learn why you should preview, who can perform a preview, when to conduct a preview, and how to start a preview whether a device is on or off.
  • Paladin/Autopsy. Learn to forensically boot a device, then quickly preview and export digital evidence found on scene.
  • osTriage. Learn to identify when encryption is present, image RAM memory, display browser history, preview and export existing files, and much more.
  • Hands-on experience. Work with Paladin/Autopsy and osTriage, and leave the course with the same setup shown in class.
Location: 
Edgewood City Building 385 Dudley Road
Edgewood, KY 41017
United States
Event Cost Information
AmountDescription
$0.00
Free
Space Available: 
Yes
Organizer Information
Event POC: 
Damita Jones
Event POC Email: 
Event POC Phone: 
1-800-221-4424
Category: