Surviving Digital Forensics: Link Files
Surviving Digital Forensics: Link Files
Genre: eLearning | MP4 | Video: h264, 1280x720 | Audio: aac, 44100 Hz
Language: English | VTT | Size: 438 MB | Duration: 1.5 hours
Genre: eLearning | MP4 | Video: h264, 1280x720 | Audio: aac, 44100 Hz
Language: English | VTT | Size: 438 MB | Duration: 1.5 hours
A computer forensic guide for understanding LINK file evidence on Windows computer systems
What you'll learn
Learn how to interpret LINK files on Windows 7 & Windows 8 systems
Learn how to tie a specific User account to LINK file activity
Learn to identify first and last file access times using LINK files
Learn how to discover the drive letter, volume name and file path of accessed files using LINK file data
Learn how User activity affects LINK file evidence
Learn how to manually locate and decode embedded LINK file data such as MAC times
Learn to do all of this using freely available computer forensic tools
Requirements
Windows 7 or Windows 8 computer system
Basic computer forensic fundamentals
Basic Windows computer fundamentals
Description
Windows LINK files are a great source of information when your aim is proving file use and knowledge during a computer forensic investigation. This course goes beyond automated results and digs into the body of a LINK file in order to understand how it is constructed and how to manually pull out and interpret the data. Through a series of hands-on validation exercises and practical exercises you will gain a firm understanding of how LINK file data is affected by different types of user driven behavior. Using all freely available tools, this course takes you through the process of understanding what automated tools do under the hood - all in about an hour.
Source material for the practical exercises is provided. Just bring your Windows 7 or Windows 8 system and a desire to learn.
Who this course is for
Computer forensic analysts
IT Professionals
Computer crime investigators
Students