All right, This is basic, ever metric dead boot forensic acquisition using a wireless network.
And I'm Brian Dykstra on the CEO of Atlantic Data forensics. I'm also a co founder of Mandy, in case you've heard of that thing, Um, thanks to be a contractor, the cybercrimes instructor at the FBI academy came to this through military intelligence. Got a bunch of certifications, things like that.
If you have any questions about this course or any of the courses we produced so far
Ah, you can go ahead and reach out to me directly at cyber ery at Atlantic D f dot com,
Um, and has always come run with us. We do this every day for the rial.
All right, so a little bit about Atlantic data forensics found in 2007 We are headquartered in Elkridge, Maryland. We do computer forensics for civil and criminal litigation. We do e discovery for big law firm. So large, large size cases, hundreds of mailboxes, sometimes thousands
on. We have a steady 24 7 instant response practice handling
data breaches for clients, things like that. Lots of internal corporate investigations. HR investigations that sort of thing. And for our clients. We also to instant response, training and exercises. Additionally, we have offices in Denver and Detroit. And if you've been sticking with me, you know, we're working on Houston and natural some.
Here we go.
All right. Prerequisites for this course not to nothing too crazy yet, Um,
before doing any forensic acquisition. Please, please, please pay attention to this. You need to document the evidence. If you're not sure how to document the evidence or what you're collecting. See my cyber recourse evidence handling, doing it the right way. You only get one chance to document
your evidence in a lot of cases. Make sure you do it right.
Also, you might want to take a look at my separate course Basic ever metric dead boot, forensic acquisition for Wired and local acquisition.
And then you get a full featured evaluation copy of ever Met tree at my elementary dot com. Dr. Schatz down there will be sure to give you a free copy of pass those out. And if you have deep, dark questions about how ever Met Tree and F F four work and why they're a superior format and process to using
expert witness format based tools. You can see his document. Their advanced. Ah, if a four public pdf great. Read lots of pictures really breaks down complicated topics s so that you can understand him.
All right. Course materials for today, about the same as last course. We need an Internet connected computer. We need an evaluation copy of ever Met tree. We need evidence, computer or drive that we're gonna be working on. Uh, we have a USB thumb drive that we're gonna use for ever met tree dead boot. Dangle.
In this case, we're gonna need a WiFi network.
Um, we can get that operates the DCP source, or you can, of course, have a separate DCP source of if you want.
And, ah, storage drive here. We're just gonna use commodity USB three, storage, external storage drive, tow Western digital one terabyte. Nothing. Nothing too exciting.
All right, target audience through this is course computer forensics professionals, incident responders. Let's face it. Instant response in a lot of ways. Very similar computer forensics, not day to day basis. And, of course, information technology professionals that might get pulled in in a pinched you know, I gotta make a forensic acquisition. This box right now, for whatever reason,
Ah, you should get everything you need out of this. To be able to do that the proper way.
All right, Are learning objectives for this course, we'll learn howto edit the elementary dead boot dangles so that it is WiFi capable. We're gonna talk a little bit about us be WiFi dangles the actual physical hardware that works really well for this. And then we're gonna go through how to use the elementary,
dead boot, USB dongle and the elementary controller to manage.
Ah, forensic acquisition across a wireless network. So rather than the local lord or ah, or cat five cats, six connected network. We did last time strictly over WiFi this time.