Students will gain a practical knowledge of the elements of digital forensics as it relates to parsing and understanding file system structure and use. File systems are the underlining structures of hardware systems and are used as a method of storing and organizing computer files and their data.
Learning Objectives
- Make use of forensic tools to analyze the FAT, NTFS and ext file systems
- Identify the important data structures on the FAT, NTFS, ext and HFS+ file systems
- Examine the structure of a disk drive including the boot record, partition table and slack space
- Make use of forensic tools to acquire forensically sound images of disk drives
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Incident Response
- Vulnerability Assessment and Management
- Digital Forensics
- Cyber Investigation
- Collection Operations