7 hours 36 minutes

Video Description

This lesson covers volatile memory capture. There are numerous programs to accomplish this; some of the well-known ones are:

· FTK Imager
· DumpIt
· Mandiant Redline

The best practice is to run the capture software from removable media, so that it captures virtual memory without adding files to the system, which would cause valuable data to be overwritten.

After the data is collected, the following takes place:

· Disk encryption
· Forensic imaging
· Volatile memory analysis
· Analysis of data
· Reporting

Up Next

Incident Response and Advanced Forensics

In this course, you will gain an introduction to Incident Response, learn how to develop three important protection plans, perform advanced forensics on the incident, deep dive into insider and malware threats, and commence incident recovery.

Instructed By

Max Alexander
VP, Cybersecurity Incident Response Planning at JPMorgan