From the course: Cybersecurity Foundations: Computer Forensics
Join today to access over 25,200 courses taught by industry experts.
Data acquisition approaches
From the course: Cybersecurity Foundations: Computer Forensics
Data acquisition approaches
- [Narrator] After taking essential precautions to preserve your evidence, you're finally ready to acquire your data. There are many ways of acquiring data in computer forensics. Static acquisition is one of the most basic and common data acquisition methods. Static acquisition retrieves data from non-volatile sources, such as a hard drive or USB drive. In a non-volatile source, data remains on the storage device after turning the power off. Live acquisition is becoming more necessary these days because of encryption. Live acquisition acquires data from a volatile source, such as main memory, also known as random access memory, or RAM. In a volatile source, data goes away from the storage device after it's turned off. In addition to static and live acquisition types, there is another way of acquisition, which is remote acquisition. Remote acquisition is done through a network connection and involves a client-server…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
(Locked)
Data acquisition approaches1m 44s
-
(Locked)
Static acquisition with open-source tools3m 39s
-
(Locked)
Static acquisition case study with dd2m 57s
-
(Locked)
Static acquisition case study with dcfldd1m 53s
-
(Locked)
Live acquisition case study with a commercial tool40s
-
(Locked)
Challenge: Live acquisition with a memory dump file29s
-
(Locked)
Solution: Live acquisition with a memory dump file47s
-
(Locked)
-
-