Do you like the idea of being able to find what others cannot? In this course, Digital Forensics: Getting Started with File Systems, you'll dive into learning about digital forensics, file systems, and how digital forensic investigators use them to prove what did or did not happen on a system. You'll begin by covering topics, such as tracks, sectors, clusters, blocks, and slack space. Next, you'll explore deeper into permissions and metadata. Finally, you'll take a look into time stamps, and journaling all while making use of Autopsy as your tool. By the end this course, you’ll know how to navigate Autopsy and the native Windows, Linux, and Mac OS X operating systems to find file system level forensic evidence.
Evan is an engineer by nature and a security professional by trade with over a decade of experience in technology and security. He enjoys learning new technologies and how to get more out of existing technologies through integration, enrichment, and innovation of new use cases.
Course Overview Hi everyone. My name is Evan Morgan, and welcome to my course, Digital Forensics - Getting Started with File Systems. I'm a security professional at a Fortune 100 financial services firm and have over a decade of experience in the security field. Do you like the idea of being able to find what others cannot? Does being in the know about what's happening on a system when the average user is completely oblivious to the hidden data right in front of them pique your interest? If so, then you'll most likely enjoy learning more about digital forensics. Some of the major topics that we'll cover include tracks, sectors, clusters, blocks, and slack space, permissions, metadata, timestamps, and journaling. By the end of this course you'll know how to navigate Autopsy and the native Windows, Linux, and Mac OS X operating systems to find all of this file system-level forensics evidence. I hope you'll join me on this journey to learn more about digital forensics with the Digital Forensics - Getting Started with File Systems course, at Pluralsight.