Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Subscribe
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Hard Disk Forensics: A Learning Guide
Rating: 4.2 out of 5(39 ratings)
2,115 students

Hard Disk Forensics: A Learning Guide

Get a brief overview of everything you need to learn to master Hard Disk Forensics.
Created byNandan Desai
Last updated 8/2023
English

What you'll learn

  • Students will learn about Filesystems, Partitions and Partitioning Schemes, etc.
  • Learn how to systematically master different topics in Hard Disk Forensics using a Conceptual Model.
  • Learn how to use The Sleuth Kit (TSK) tool to analyze Filesystems and Volumes.
  • Walk away with a strong foundational knowledge required to further explore Hard Disk Forensics.

Course content

1 section5 lectures36m total length

  • Introduction1:10

    This course is intended to share my knowledge and to provide you with a learning guide on how to study Hard Disk Forensics. In this video, you'll be introduced to the Hard Disk conceptual model!

  • Application Layer2:48

    In this video, you'll learn about the Application Layer and why it is important to have this layer in our conceptual model.

  • Filesystem Layer12:38

    In this video, you'll learn about how to use a conceptual model to learn different Filesystems. You will also learn to use different The Sleuth Kit (TSK) tools using this conceptual model.

  • Volume Layer13:17

    In this video, you'll learn about what Partitions are and how they are organized using Partitioning Schemes. You'll also see a demo of how to use TSK tools to extract and analyze different partitions on a disk.

  • Interface Layer6:22

    In this video, you'll learn about ATA disks and certain interesting ATA features like Host Protected Area (HPA) and Device Configuration Overlay (DCO) that are relevant from forensics' point-of-view.

Requirements

  • Some prior computer science knowledge will be helpful.

Description

Introduction: Welcome to my comprehensive course on Hard Disk Forensics! This course aims to provide a brief overview of all the essential concepts you need to learn to enter the world of Hard Disk Forensics. In just about 36 minutes, you will acquire a solid understanding and a map of resources to systematically learn and practice Hard Disk Forensics.

Course Overview:

  1. In this course, I'll introduce you to a systematic conceptual model that plays a crucial role in understanding the various sub-systems analyzed in Hard Disk Forensics.

  2. You'll learn about the basics of several key components, including Filesystems, The Sleuth Kit tools (the backbone of Autopsy), Partitions, Partition Tables, Partitioning Schemes, Data Link standards like ATA and SCSI (with a focus on ATA), and more.

Foundation for Mastery: This course will lay a strong foundation for your journey to mastering Hard Disk Forensics. With the knowledge gained, you'll be well-equipped to explore the fascinating world of digital investigations.

Systematic Conceptual Model: I'll start by defining a conceptual model with five layers:

  1. Application Layer

  2. Filesystem Layer

  3. Volume Layer

  4. Interface Layer

  5. Physical Layer

Understanding the Layers: Throughout the course, I'll delve into the basics of the first four layers, providing you with valuable resources to explore each layer in depth. This systematic approach will enhance your comprehension and practical skills.

Key Resource: The primary book I have referenced for this course is "Filesystem Forensic Analysis" by Brian Carrier. This resource has been instrumental in shaping the content and knowledge shared in this course.

By the end of this course, you'll have the knowledge and tools to confidently navigate the realm of Hard Disk Forensics.

Who this course is for:

  • Anyone interested in Computer Forensics.

Report abuse