Digital Forensics File Systems 2 from Bloomsburg University of Pennsylvania

National CAE Designated Institution

Classroom
Online, Instructor-Led

Analyzes the NTFS file system in detail with an emphasis on forensic information from metadata, slack space, and unallocated space. Examination of various Windows® artifacts using appropriate software.

Learning Objectives

At the end of the course students will be able to:

1. Extract forensically useful information about a file (e.g. location, size, attributes, and dates and times) from an NTFS file system.

2. Recover a deleted file from an NTFS file system.

3. Find alternate data streams.

4. Determine the links to a file.

5. Identify and extract recycled files in a recycle bin.

6. Use an appropriate registry file to obtain evidence from a registry.

Framework Connections

Investigate

More courses from this provider:

Bloomsburg University of Pennsylvania

Contact Information

Bloomsburg University of Pennsylvania
400 E Second Street
Bloomsburg, PA 17815

Visit course page for more information on Digital Forensics File Systems 2

Course Location Map

Your Location
Providers
Courses
Course and Provider Quantity

Course Overview

Overall Proficiency Level

1 - Basic

Course Prerequisites

DIGFOR.121 with a grade of at least C- or better.

Training Purpose

Functional Development

Skill Development

Specific Audience

All

Contractor

Federal Employee

Delivery Method

Classroom

Online, Instructor-Led

Course Location

400 E. Second Street
Ben Franklin Hall
Bloomsburg, PA 17815