Video Transcription

00:00
All right. Welcome to basic elementary, dead boot forensic acquisition. And let's get right into this.
00:07
All right. Our process went ahead and finished itself up there. We get a little pop up message and said the devil dead boot device was created the time, and it took a grand total of three minutes of 49 seconds there. So you know not not terrible.
00:22
Obviously. I said speed of the storage or right on Tuesday. The story you're writing from all make a difference in that.
00:27
And we get a little message down here in the console. Windows has the same information that it all ended well. And what we're road over and things like that.
00:35
So that's the first part of that operation. So we've got our dead boot dongle. Now, we've got our physical device here. That's gonna be our storage survive our blessed repositories drive. So we're gonna take both of those were going to go to our target computer,
00:52
and we're gonna see about actually,
00:56
um,
00:59
going ahead and
01:02
making it. Friends of damage. That computer now again, If you were paying attention in the last course on using the storage controller, you know that we have to create a blessed storage drive ahead of time. So,
01:15
um, all our storage media is right blocked by default by Evan Battery. That's that's their methods. So you have to actually signature a drive or Plessy Dr.
01:23
In order for it to build a right to it,
01:25
um, mistakes during the imaging process. Um, you know, this blessed drive is the only piece of media that's gonna be able to be written to have to make sure that that storage media In this case, I haven't said a simple western digital USB drive. It has to be formatted e x fat
01:42
a ce the Microsoft Windows
01:46
file system format. Ah, lot advantages. There's we discussed before Windows and OS X natively understand the expat file system. So you can, you know, cross those drives across multiple machines and they're gonna work out fine also can be used on Lennox with the ex fat fuse module
02:06
applied to it s so you can use it all three of your environments.
02:09
And, uh, the Lenox folks just announced this summer 2019 and he was August that they're gonna be emerging yaks fat into the colonel. So pretty soon you'll be ableto plug any X fat drive into ah Lenox box with a new colonel, and it'll just automatically recognize the file system. So
02:27
we've basically got one file system here. Thio work on all three of our operating system choices.

Up Next

Basic Evimetry Deadboot Forensic Acquisition: Wired and Local

This course covers using the creating an Evimetry Deadboot dongle to create a forensic image from a bootable USB thumb drive. We’ll also walk through using the Evimetry Deadboot dongle to directly create a forensic image from the target computer.

Instructed By

Instructor Profile Image
Brian Dykstra
CEO and President of Atlantic Data Forensics
Instructor