Title
DFFAD - Access Data FTK Boot Camp
SKU
B2111
Days
3
Price
$2,495.00
Register Now

DFFAD - Access Data FTK Boot Camp

Description

Digital Intelligence's AccessData FTK Boot Camp (DFFAD) is a comprehensive, three-day course designed to provide the knowledge and skills necessary to conduct digital acquisitions and investigations using FTK Toolkit.  

Students who attend DFFAD are invited to take the Digital Forensics with FRED (DFF) class at no additional charge.  DFFAD is taught Tuesday-through-Thursday so students can combine DFFAD with the one-day DFF class offered on Mondays.  This makes the best use of each student's travel time and maximizes hands-on instruction with the combined FRED + FTK solution.


Objectives

This course combines the one-day Digital Forensics with FRED and three-days of FTK Boot Camp.  Additional tools covered and used in class are FTK ImagerTM, Password Recovery Toolkit (PRTKTM), and Registry ViewerTM.

Participants will use AccessData products to conduct forensic investigations on Microsoft® Windows® systems, learning where and how to locate Windows system    artifacts.

Upon course completion, attendees should be able to:

  • Install AccessData software tools
  • Image, acquire, export, and create forensic images
  • Access and review registry entries
  • Create a case, process and analyze documents, metadata, graphics, and e-mails using FTK
  • Use bookmarks / checkmarks to efficiently manage and process a case
  • Update / customize the KFF database
  • Manage evidence using file filters
  • Perform searches using regular expressions and imported search lists
  • Carve unallocated disk space
  • Create and customize reports
  • Recover passwords using PRTK
  • Gain practical experience with FTK indexing
  • Create custom dictionaries using the FTK indexing
  • Create regular expressions
  • Use Registry Viewer to locate evidentiary information in Windows 2000 and Windows XP
  • Integrate Registry Viewer with FTK
  • Recover forensic information from Recycle Bin INDO2 files
  • Recovery forensic information from various Windows XP artifacts
  • Create a PRTK custom dictionary using an FTK word list
  • Add SAM and Syskey values to PRTK to recover passwords and decrypt files
  • Recover EFS encrypted files on Windows 2000 and Windows XP systems


Prerequisites

This hands-on class is intended for new users, particularly forensic professionals and law enforcement personnel, who use AccessData forensic software to examine,   analyze and classify digital evidence.


To obtain the maximum benefit from this class, you should meet the following requirements:

  • Read and understand the English language
  • Perform basic operations on a personal computer
  • Have basic knowledge of computer forensic investigations and acquisition procedures
  • Be familiar with the Microsoft Windows environment

Syllabus

Downloadable course syllabus

Sifb5qa7eokmtkdexxbc

Schedule

Title Dates Location
DFFAD - Access Data FTK Boot Camp Nov 05, 2019 (Tue) -
Nov 07, 2019 (Thu)
Digital Intelligence

17165 W. Glendale Drive
New Berlin, WI 53151

Questions? Would you like to learn more?

Contact our Training department
Di logo 300x56
Di logo 300x56 inverted

Toll Free: (866) DIGINTEL / (866) 344-4683
Phone: (262) 782-3332   Fax: (262) 782-3331
17165 W. Glendale Dr., New Berlin, WI 53151

Contact Us
About Us
Technical Support
Find a Reseller
Privacy Policy
Copyright © 2016-19 Digital Intelligence, Inc.  All rights reserved.