Traditional forensics professionals use fingerprints, DNA typing, and ballistics analysis to make their case. Infosec professionals have to develop new tools for collecting, examining and evaluating data in an effort to establish intent, culpability, motive, means, methods and loss resulting from e-crimes.
Part 1 of this course on cyber forensics, will introduce the course participant to data, the primordial building blocks of information as we know it and how specific data evolve, eventually into evidential matter.
We start small, in fact very small . . . bits and bytes small, explaining the origins of data and progressing onward, addressing concepts related to data storage, boot records and partitions and how each of these are interrelated and essential in the understanding of the process and methodology, of a cyber-forensic investigation.
After completing this seminar, participants will be able to:
- Recognize the fundamental building blocks of data.
- Differentiate between how data are stored, arranged, calculated and presented in human-readable form.
- Identify how data are converted from binary to decimal format.
- Interpret the dependency and linkage of hexadecimal notation and the relationship to cyber forensics.
- Define the Master Boot Record and its role in cyber forensic data analysis.
- Comprehend the meaning and role of endianness in data representation and storage.
- Explain the role and function of the partition table.