By: Hugh Shepherd
April 26, 2021
Evimetry: Interview with Dr. Bradley Schatz Course Review
By: Hugh Shepherd
April 26, 2021
In this course, Cybrary instructor Brian Dykstra, CEO of Atlantic Data Forensics, conducts an interesting and informative interview with Dr. Bradley Schatz. Dr. Schatz is the Advanced Forensics File Format (AFF4) co-author and creator of the forensics workflow toolkit, Evimetry.
The format of this course is a five-part interview with Dr. Schatz. During the interview, Dr. Schatz answers a series of questions on several topics, ranging from the evolution of his career and the path that led him to co-author the AFF4 forensic format, the challenges he faced launching Evimetry, some of the technical aspects of the toolkit and his plans on the future direction of Evimetry.
Overall, this is a particularly good course that provides a pleasant learning experience. The course's interview format evolves into a casual conversation between Mr. Dykstra and Dr. Schatz, which makes this training relatively easy to listen to and absorb for students. Mr. Dykstra and Dr. Schatz display the years of experience and in-depth knowledge of the digital forensics industry during their discussion. The conversation between Mr. Dykstra and Dr. Schatz is full of professional insight from both individuals, which greatly enhances students' learning experience in this course. The interview format of the course is laid-back, which is a nice touch. Nevertheless, the interview questions are well structured and open-ended so that they encourage an expansive discussion on the Evimetry product and into the world of digital forensics in general.
An understated benefit of the interview format for this course is that it promotes introspection and the sharing of "tidbits" of knowledge by Dr. Schatz and by Mr. Dykstra as well, during their conversation that may not have occurred in a more traditional lecture. During the interview, the instructor covers the most important aspects of the Evimetry product development process that will deepen the learner's general knowledge of the technology. Additionally, throughout the course, the instructor does a nice job of keeping the conversation relatively lively and entertaining, which is a significant accomplishment considering that some people may consider digital forensics dry. The course (conversation) flows at a steady pace so that it seems that the course is over in less than its actual time of 58 minutes. This is especially beneficial to learners with only a casual interest in the topic.
This is a beginner-level course that provides roughly 1 hour of instruction (1 CEU/CPE). Even though this is a beginner-level course, having some knowledge in digital forensics would be helpful. This course is primarily intended for computer forensics professionals, incident responders, and information technology professionals in general. Nevertheless, anyone interested in computer forensics, the digital aspects of investigations, incident response, and the Evimetry product will benefit from this course. Additionally, the following prerequisites are recommended for the course:
- A full-featured evaluation copy of Evimetry (link found in the course syllabus)
- Internet-connected computer
- An "evidence" computer or drive
By the end of the course, students will have gained a general understanding of AFF4, Evimetry, and digital forensics in general. There is a link to an in-depth presentation by Dr. Schatz titled "Advanced Acquisition & Live Analysis with the AFF4" in the course syllabus. This supplemental material on the AFF4 is an excellent resource full of information on the framework and can help reinforce many of the topics covered during the interview.
Cybrary offers numerous other learning resources related to information technology and related disciplines like digital forensics. You can explore and sign-up for these learning resources on the Cybrary website. Listed below are just a few related resources available on the Cybrary website: