Overview
Learn the fundamentals of digital forensics in this comprehensive 47-minute video tutorial that explores how digital devices leave behind evidence of user interactions. Discover the foundational principles of forensic science starting with Locard's Exchange Principle and examine a real-world case study of the BTK Killer to understand how digital evidence differs from physical evidence. Master the process of simulating and analyzing forensic artifacts through hands-on demonstrations of file wiping techniques and evidence recovery methods. Explore critical Windows forensic artifacts including registry analysis of "dirty" hives, RunMRU, RecentDocs, Office File MRU, and Trusted Documents to track user activity and file access patterns. Investigate location-based evidence and examine OpenSavePidlMRU and LastVisitedPidlMRU entries to reconstruct user behavior. Analyze LNK files and Windows Prefetch data to understand program execution patterns, then delve into advanced topics including Master File Table (MFT) analysis, USN Journal examination, and Alternate Data Streams (ADS) for comprehensive digital evidence recovery. Gain practical skills in identifying, preserving, and analyzing digital traces left behind by everyday computer usage, providing essential knowledge for cybersecurity professionals, incident responders, and anyone interested in understanding how digital forensics works in modern investigations.
Syllabus
- Introduction
- Locard’s Exchange Principle
- The BTK Killer: A Case Study
- Physical vs Digital Evidence
- Simulating Forensic Artifacts
- Wiping Files
- Analyzing the Evidence
- Last User Login Time
- Analyzing "Dirty" Hives
- RunMRU
- RecentDocs
- Office File MRU
- Trusted Documents
- Reading Location
- OpenSavePidlMRU and LastVisitedPidlMRU
- LNK Files
- Windows Prefetch
- Examining File Wiping Execution
- MFT and USN Journal
- Alternate Data Streams (ADS)
- USN Journal Analysis
- Conclusion
Taught by
The Cyber Mentor