Introduction to file-system post-mortem forensic analysis

hosted by CIRCL

CIRCL/SMILE g.i.e, HSBC building, 2nd floor

Start: Wednesday, 05 Sep 2018 10:00

End: Wednesday, 05 Sep 2018 17:00

  • Event description

    Forensic Analysis is based on the assumption that everything leaves a trace behind. A trace in an information system can be any data that helps to identify space and time actions. Post mortem analysis is a key tool to discover and analyse security incidents. This course will teach the participant on how to find answers to what has happened by analysing different layer from the physical medium to the file system up to the application level.

    • Perform disk acquisition the right way
    • Introduce to file system analysis (NTFS/FAT)
    • Analyse operating system artifacts (MS Windows)
    • Find evidences in communication applications (e.g. browser or chat history)
    • Forensic correlation with threat intelligence platform like MISP
  • Register to this free training

    The event is over. It is not possible to purchase tickets anymore.This event used XING Events for online ticketing. Start to organise your own events in an effective and professional way.
    Test it now

    * incl. legal VAT
  • Costs of the training

    This training is free-of-charge but there is a no-show fee of 30,- EUR if you register and don’t join us for the training without cancellation. 

  • Practical information

    Prerequisites:

    We encourage you to bring a laptop running Linux, either natively or in a virtual machine. An installation of Kali Linux is perfect. Please also download the material from https://www.circl.lu/services/forensic-training-materials/

    Who benefits most from this training:

    • Employees of the IT department 
    • Local Incident Response Team
    • IT security/DFIR interested

    Requirement:

    Knowledge of operating systems and IT security is required

    Duration:

    This is an 8 hours training.

    What is included:

    • Training material
    • Beverages
    • Light lunch

    Language of the course:

    The course is given in English.

  • About CIRCL

    The Computer Incident Response Center Luxembourg (CIRCL) is a government-driven initiative designed to provide a systematic response facility to computer security threats and incidents. CIRCL is the CERT for the private sector, communes and non-governmental entities in Luxembourg.
  • More events

    Event title Event venue Date Registration
    MISP Training - Threat Intelligence Analyst and Administrators CIRCL/SMILE g.i.e, HSBC building, 2nd floor 20 May 2019 10:00 Registration
    Digital forensics primer (DFIR 1.0.1) CIRCL/SMILE g.i.e, HSBC building, 2nd floor 20 May 2019 10:00 Registration
    IHAP workshop day 1 CIRCL/SMILE g.i.e, HSBC building, 2nd floor 21 May 2019 10:00 Registration
    Digital forensics primer (DFIR 1.0.2) CIRCL/SMILE g.i.e, HSBC building, 2nd floor 21 May 2019 10:00 Registration
    IHAP workshop day 2 University of Luxembourg – Maison du Savoir 22 May 2019 10:00 Registration
    Pre-TF-CSIRT Social Event Securitymadein.lu 22 May 2019 18:00 Registration
    MISP Training (Malta) - Threat Intelligence Analyst and Administrators Old University Building 29 May 2019 09:00 Registration
    MISP Training (Malta) - Developers session Old University Building 30 May 2019 09:00 Registration
    MISP Training (Prague) - Threat Intelligence Analyst and Administrators Conference center GreenPoint, s. r. o. 17 September 2019 09:00 Registration
    MISP Training (Prague) - Developers session Conference center GreenPoint, s. r. o. 18 September 2019 09:00 Registration

Share

Or share this link:

Export

  • Venue & Access

    Event venue address

    CIRCL/SMILE g.i.e, HSBC building, 2nd floor 16, Boulevard d'Avranches 1160 Luxembourg Luxembourg

    Directions:

    Our training rooms are located close to the train station of Luxembourg city and excellently accessible, especially by public transport.

    How to reach us?

    by Car

    • Closest Parkings:
      • Rocade, Saint-Esprit, Nobilis, Gare, Kons

    by Bus

    • Closest bus stops:
      • Al Molkerei: 19, 117, 159, 160, 162, 163
      • Al Avenue: 19
      • Wallis: 3, 5, 6, 15, 30

     by Bike

    • Closest Vel'oh station:
      • #4 (Rocade)
powered by XING Events

Event organiser: CIRCL
More participants thanks to online event management solutions from XING Events.

Imprint