This lab-based lesson offers step by step instructions in how to navigate the H drive on the computer to hash files in order to produce a result which can be exported to a notepad. This preserves the integrity of a file and allows an investigator to gather volatile information. This lesson also covers the use of Mandiant Redline, which allows the collection of volatile memory and analysis.
Incident Response and Advanced Forensics
In this course, you will gain an introduction to Incident Response, learn how to develop three important protection plans, perform advanced forensics on the incident, deep dive into insider and malware threats, and commence incident recovery.