NTFS file system explained: understanding resident and non-resident files - Computer forensics
43.5 هزار بار بازدید -
9 سال پیش
-
This is the first tutorial
This is the first tutorial of the Computer forensics course at Duckademy. To do computer forensics, understanding the NTFS file system and the inner workings of resident and non-resident files is a must. To DOWNLOAD the evidence files and the commands used in the tutorial go to http://www.duckademy.com
The goal of the Computer forensics course is to teach you how to collect evidence in case of an incident and to investigate how the intruders came in, what data they have stolen, if they have harmed your system.
In addition we will give you advice on what you can do to block the next attack.
The Computer forensics course will cover:
- Recovering NTFS file system and looking for evidence
- Recovering FAT16 and FAT32 file system
- Acquiring saved passwords from the password managers of browsers
- Browser history and cache file recovery to investigate the users’ internet usage
- Getting the content (e.g. emails, contacts) from an encrypted Outlook PST file
- Recovery of Exchange MDB, Active Directory NTDS.DIT and similar files
- ZIP file recovery
- RAM analysis of Windows and Linux servers with Volatility
IN THIS TUTORIAL of the Computer forensics course you will learn the inner workings of the NTFS file system to be able to recover files and look for evidence later.
For this we will cover:
01:21 Role of the resident files and how to retrieve them
24:36 Non-resident files in NTFS and their role in the file system
Please note that this computer forensics tutorial is for educational purposes only.
SUBSCRIBE NOW FOR NEW FREE IT TUTORIALS!
https://www.seevid.ir/c/DuckademyIT...
SUBSCRIBE TO OUR EMAIL LIST!
https://www.duckademy.com/#dialog-new...
FOLLOW US!
Facebook ► Facebook: duckademy
Twitter ► Twitter: duckademy
Google+ ► http://gplus.to/duckademy
Linkedin ► LinkedIn: duckademy
----------------------------------------------------------------------------------------------------------
The goal of the Computer forensics course is to teach you how to collect evidence in case of an incident and to investigate how the intruders came in, what data they have stolen, if they have harmed your system.
In addition we will give you advice on what you can do to block the next attack.
The Computer forensics course will cover:
- Recovering NTFS file system and looking for evidence
- Recovering FAT16 and FAT32 file system
- Acquiring saved passwords from the password managers of browsers
- Browser history and cache file recovery to investigate the users’ internet usage
- Getting the content (e.g. emails, contacts) from an encrypted Outlook PST file
- Recovery of Exchange MDB, Active Directory NTDS.DIT and similar files
- ZIP file recovery
- RAM analysis of Windows and Linux servers with Volatility
IN THIS TUTORIAL of the Computer forensics course you will learn the inner workings of the NTFS file system to be able to recover files and look for evidence later.
For this we will cover:
01:21 Role of the resident files and how to retrieve them
24:36 Non-resident files in NTFS and their role in the file system
Please note that this computer forensics tutorial is for educational purposes only.
SUBSCRIBE NOW FOR NEW FREE IT TUTORIALS!
https://www.seevid.ir/c/DuckademyIT...
SUBSCRIBE TO OUR EMAIL LIST!
https://www.duckademy.com/#dialog-new...
FOLLOW US!
Facebook ► Facebook: duckademy
Twitter ► Twitter: duckademy
Google+ ► http://gplus.to/duckademy
Linkedin ► LinkedIn: duckademy
----------------------------------------------------------------------------------------------------------
9 سال پیش
در تاریخ 1394/01/07 منتشر شده
است.
43,588
بـار بازدید شده