Live Digital Sessions
Host forensics relates to the analysis of data extracted most commonly from a Disk drives (HDD / SSD) or a system Memory and is aimed to allow investigators to understand user’s and applications behavior on a particular system. Compared to network forensics, where evidence is usually collected from NICs as pcap files or event analysis tools logs. Host forensics requires understanding in different areas such a windows and Linux internals and core computer operations. Students will learn the fundamentals of conducting forensic analysis of a windows host. This course will incorporate demonstrations and lab exercises to reinforce hands-on capabilities.