< All Computer Hacking and Forensics Notes

YoussefM | Computer and Hacking Forensics | Module 5 – First Responder

By: YoussefM | Related Course: Computer Hacking and Forensics | Published: October 19, 2017 | Modified: October 20, 2017
Join Cybrary

NotepadFirst Responder

In this module, we take a close look at who our first responders are and what processes they engage to conduct their work. Incident Responders or First Responders are both teams and individuals, so we’ll explore the differences when each is appropriate.
You’ll learn about the tools they need and its origin, the knowledge and expertise required and the myriad procedures that must be learned and followed.
The First Responder module is an excellent and detailed lesson on what it is and means to become a security incident responder.
The hands-on demonstrations for Module 5, First Responder include the following labs:
chkdisk and format NTFAS Lab
Hex Workshop bit flipping Lab
Hex Workshop Overview Lab


NotepadFirst Responder chkdisk and format NTFS Lab

First Responder chkdisk and format NTFS Lab
In our First Responder lab, we take a close look at several incident reporting tools, starting with chkdisk.
You’ll observe that with chkdisk utility, the dive volumes & paths are checked for errors and other anomalies. You’ll overserve how to use the tool, as well as using the switch commands to perform specific tasks.
With the /bottom switches, you’ll observe that NTFS performs specific checks of the volume such as checking for bad clusters, and checks of index entries. And you’ll see how chkdsk displays all the disposition data regarding the volume including serial number, confirms file system type, and calculates file and folder totals amongst other data.


NotepadFirst Responder Hex Workshop bit flipping Lab

First Responder Hex Workshop bit flipping Lab
This lab helps us understand how to use a utility that looks at the bit ordering by demonstrating the bit flipping analysis software.
You’ll learn for example, how to read a binary code, how to decider the placeholders, if the most significant bit is stored and read first or not, and how that is determined.
You’ll also learn where to find to most and least significant bit info and how the bit is read.
We’ll discuss the significance of byte order and how it determines the speed at which the read process takes place over the network, how bit flipping relates to and is store in memory.


NotepadFirst Responder Hex Workshop Overview Lab

First Responder Hex Workshop Overview Lab
In this lab, we introduce you to Hex Workshop, a software tool used to edit the hex decimal information of a file. It takes you thru the install and config process, selects a number of the components and screen views and how to specific a wide variety of criteria to get started in your file analysis.
You’ll observe and learn now to decipher the hex information of a given file, learn all the data displayed such as registry settings, and much more.
Transcript


< All Computer Hacking and Forensics Notes
Join Cybrary

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel