Moocable is learner-supported. When you buy through links on our site, we may earn an affiliate commission.
Information Security

Advanced Evimetry Forensic Acquisition: Allocated, Non-Linear Partial, and Live Images

via Cybrary

Description

Additionally, in this course we cover options for pulling or pushing the Evimistry live collection agent directly from the my.evimetry.com website to a running computer.  We walk through each of these scenarios step-by-step using all the Evimetry tools.

Prerequisites

  • Before any forensic acquisition you must document the evidence
  • See my Cybrary course: “Evidence Handling: Do it the Right Way”
  • See my Cybrary course: “Basic Evimetry Deadboot Forensic Acquisition: Wired & Local”
  • Get a full featured, evaluation copy of Evimetry (Link found in Syllabus)
  • Internet connected computer
  • An “evidence” computer or drive
  • A USB thumbdrive for dead booting
  • A network
  • A DHCP source
  • A storage drive (USB3 External)

Course Goals

By the end of this course, students should be able to:

  • Create an Evimetry Allocated-Only Forensic Image
  • Create an Evimetry Non-Linear Partial Forensic Image (File-Type Image)
  • Create an Evimetry Live Forensic Image of a Windows Target System
  • Examine the Downloadable Pull & Push Evimetry Live Agents

Tags
Cross-Site Scripting (XSS)

Syllabus

  • Introduction
    • Introduction
  • Allocated-Only, Non-Linear Partial and Live Images
    • Evimetry Allocated-Only
    • Creating an Allocated-Only Image
    • Evimetry Non-Linear Partial
    • Creating a Non-Linear Partial Image
    • Evimetry Live (Light) Agent
    • Running the Evimetry Light Agent
    • Pull or Push the Evimetry Light Agent
  • Conclusion
    • Course Summary

Start Learning Find study partner
Online Course
Information Security

Advanced Evimetry Forensic Acquisition: Allocated, Non-Linear Partial, and Live Images

via Cybrary
Start Learning Find study partner
Affiliate notice

Additionally, in this course we cover options for pulling or pushing the Evimistry live collection agent directly from the my.evimetry.com website to a running computer.  We walk through each of these scenarios step-by-step using all the Evimetry tools.

Prerequisites

  • Before any forensic acquisition you must document the evidence
  • See my Cybrary course: “Evidence Handling: Do it the Right Way”
  • See my Cybrary course: “Basic Evimetry Deadboot Forensic Acquisition: Wired & Local”
  • Get a full featured, evaluation copy of Evimetry (Link found in Syllabus)
  • Internet connected computer
  • An “evidence” computer or drive
  • A USB thumbdrive for dead booting
  • A network
  • A DHCP source
  • A storage drive (USB3 External)

Course Goals

By the end of this course, students should be able to:

  • Create an Evimetry Allocated-Only Forensic Image
  • Create an Evimetry Non-Linear Partial Forensic Image (File-Type Image)
  • Create an Evimetry Live Forensic Image of a Windows Target System
  • Examine the Downloadable Pull & Push Evimetry Live Agents

  • Introduction
    • Introduction
  • Allocated-Only, Non-Linear Partial and Live Images
    • Evimetry Allocated-Only
    • Creating an Allocated-Only Image
    • Evimetry Non-Linear Partial
    • Creating a Non-Linear Partial Image
    • Evimetry Live (Light) Agent
    • Running the Evimetry Light Agent
    • Pull or Push the Evimetry Light Agent
  • Conclusion
    • Course Summary

Tags

Cross-Site Scripting (XSS)

Quick Links

Browse by subject

Browse by provider

Browse by university

Browse by publisher

Browse by institution

Roadmaps

Posts