NTFS file system explained: understanding resident and non-resident files - Computer forensics
This is the first tutorial of the Computer forensics course at Duckademy. To do computer forensics, understanding the NTFS file system and the inner workings of resident and non-resident files is a must. To DOWNLOAD the evidence files and the commands used in the tutorial go to http://www.duckademy.com
The goal of the Computer forensics course is to teach you how to collect evidence in case of an incident and to investigate how the intruders came in, what data they have stolen, if they have harmed your system.
In addition we will give you advice on what you can do to block the next attack.
The Computer forensics course will cover:
- Recovering NTFS file system and looking for evidence
- Recovering FAT16 and FAT32 file system
- Acquiring saved passwords from the password managers of browsers
- Browser history and cache file recovery to investigate the users’ internet usage
- Getting the content (e.g. emails, contacts) from an encrypted Outlook PST file
- Recovery of Exchange MDB, Active Directory NTDS.DIT and similar files
- ZIP file recovery
- RAM analysis of Windows and Linux servers with Volatility
IN THIS TUTORIAL of the Computer forensics course you will learn the inner workings of the NTFS file system to be able to recover files and look for evidence later.
For this we will cover:
01:21 Role of the resident files and how to retrieve them
24:36 Non-resident files in NTFS and their role in the file system
Please note that this computer forensics tutorial is for educational purposes only.
SUBSCRIBE NOW FOR NEW FREE IT TUTORIALS!
https://www.youtube.com/c/DuckademyITcourses?sub_confirmation=1
SUBSCRIBE TO OUR EMAIL LIST!
https://www.duckademy.com/#dialog-newsletter
FOLLOW US!
Facebook ► https://www.facebook.com/duckademy
Twitter ► https://twitter.com/duckademy
Google+ ► http://gplus.to/duckademy
Linkedin ► https://www.linkedin.com/company/duckademy
----------------------------------------------------------------------------------------------------------
Видео NTFS file system explained: understanding resident and non-resident files - Computer forensics канала Duckademy IT courses
The goal of the Computer forensics course is to teach you how to collect evidence in case of an incident and to investigate how the intruders came in, what data they have stolen, if they have harmed your system.
In addition we will give you advice on what you can do to block the next attack.
The Computer forensics course will cover:
- Recovering NTFS file system and looking for evidence
- Recovering FAT16 and FAT32 file system
- Acquiring saved passwords from the password managers of browsers
- Browser history and cache file recovery to investigate the users’ internet usage
- Getting the content (e.g. emails, contacts) from an encrypted Outlook PST file
- Recovery of Exchange MDB, Active Directory NTDS.DIT and similar files
- ZIP file recovery
- RAM analysis of Windows and Linux servers with Volatility
IN THIS TUTORIAL of the Computer forensics course you will learn the inner workings of the NTFS file system to be able to recover files and look for evidence later.
For this we will cover:
01:21 Role of the resident files and how to retrieve them
24:36 Non-resident files in NTFS and their role in the file system
Please note that this computer forensics tutorial is for educational purposes only.
SUBSCRIBE NOW FOR NEW FREE IT TUTORIALS!
https://www.youtube.com/c/DuckademyITcourses?sub_confirmation=1
SUBSCRIBE TO OUR EMAIL LIST!
https://www.duckademy.com/#dialog-newsletter
FOLLOW US!
Facebook ► https://www.facebook.com/duckademy
Twitter ► https://twitter.com/duckademy
Google+ ► http://gplus.to/duckademy
Linkedin ► https://www.linkedin.com/company/duckademy
----------------------------------------------------------------------------------------------------------
Видео NTFS file system explained: understanding resident and non-resident files - Computer forensics канала Duckademy IT courses
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![NTFS Forensics and the Master File Table](https://i.ytimg.com/vi/xW5UwDztkX4/default.jpg)
![NTFS Compression, When should it be used?](https://i.ytimg.com/vi/bpIawUHuYQg/default.jpg)
![Introduction to Windows Forensics](https://i.ytimg.com/vi/VYROU-ZwZX8/default.jpg)
![Demystifying the endocannabinoid system. | Ruth Ross | TEDxMississauga](https://i.ytimg.com/vi/8GsmTFytBYI/default.jpg)
![What Is The Best 4WD System?](https://i.ytimg.com/vi/TotrUUuYOM4/default.jpg)
![](https://i.ytimg.com/vi/WjmV5m5T9e8/default.jpg)
![What does a computer mouse see?](https://i.ytimg.com/vi/xWB9dP1AtDU/default.jpg)
![Linux inodes Explained](https://i.ytimg.com/vi/6KjMlm8hhFA/default.jpg)
![The Best Way to Organize Your Computer Files](https://i.ytimg.com/vi/bKjRKZxr-KY/default.jpg)
![Linux File System/Structure Explained!](https://i.ytimg.com/vi/HbgzrKJvDRw/default.jpg)
![NTFS and MFT](https://i.ytimg.com/vi/h8Mb55ox5OE/default.jpg)
![System design basics: Learn about Distributed file systems](https://i.ytimg.com/vi/LcuT0ynb_ks/default.jpg)
![Explaining File Systems: NTFS, exFAT, FAT32, ext4 & More](https://i.ytimg.com/vi/_h30HBYxtws/default.jpg)
![Working With The File System in C# - Managing Folders and Files](https://i.ytimg.com/vi/9mUuJIKq40M/default.jpg)
![Anatomy of an NTFS FILE Record - Windows File System Forensics](https://i.ytimg.com/vi/l4IphrAjzeY/default.jpg)
![Files & File Systems: Crash Course Computer Science #20](https://i.ytimg.com/vi/KN8YgJnShPM/default.jpg)
![What's In .DS Store for You? - macOS Forensics](https://i.ytimg.com/vi/5VKTaFBlMcE/default.jpg)
![Getting started in digital forensics](https://i.ytimg.com/vi/j3lgxdylktM/default.jpg)
![Systems Design Interview Concepts (for software engineers / full-stack web)](https://i.ytimg.com/vi/REB_eGHK_P4/default.jpg)
![The Best Way to Name Your Files (3-Step File Naming System)](https://i.ytimg.com/vi/86FiUbbRxaw/default.jpg)