Short Course

Applied Live Forensics

Investigating the What, When, and How of Cyber Security Incidences

8 Hours of video content

Advanced

Certificate of Completion Included

Check out Subscription Plans

Overview What You Will Learn Curriculum Instructor

Course Overview

The conventional, generally acknowledged digital forensic practice of turning off a computer and then using a write blocker to acquire a bit-stream image of the system hard drive is increasingly being found to be unworkable in instances where it is necessary for you as an investigator to act faster while still allowing critical business activities to go on.

Perhaps more significant is the fact that some organizations are no longer allowed to decide on their own when to provide some sort of live reaction. Instead, both governing or regulatory bodies and legislation in some respects make live forensics mandatory, hence requiring active responses. Moreover, it is also possible that you as an Investigator or incident responder cannot just answer all the investigation questions by just using the contents of an imaged hard drive from a computer that has been turned off. This makes live forensics a critical part of your incident response process in any business organization, especially in situations where you encounter servers that are critical to business operations and cannot be shut down.

This course, therefore, takes you through the essential process of conducting live forensics and helps you learn how to investigate or respond to suspected cyberattacks while systems are still running. You will also gain knowledge on how to identify, mitigate, and eradicate cyber threats without disrupting your critical business activities. This course will further help you appreciate the fact that live forensics is very important in some instances where you are required by auditors, legal teams, or law enforcement to provide essential information very fast.

By the end of the course, you will have learnt the essential knowledge necessary to conduct live forensics in your organization while at the same time advancing your career and perhaps learning new skills in digital forensic investigation. This will put you ahead of the curve on your digital investigation career journey as well as quickly help you learn emerging technologies in this field.

What You Will Learn

Learn about Common tools used for conducting live forensics
Understand why we conduct live forensics!
Familiarize about data to be collected and where to find it when conducting live forensics
Understand about the order of volatility and how to collect volatile data
Learn about evidence acquisition and analysis
Learn about the legal consideration of live forensics
Familiarize with the best practices and rules for evidence acquisition

Program Curriculum

Live Forensic Fundamentals
Live Forensic Process, Techniques, and Tools
Legal Considerations of Live Analysis
Forensics Lab Setup
$7 Million Cybersecurity Scholarship by EC-Council
Chapter 1 Quiz

Evidence Collection Preparation
Best Practices for Evidence Acquisition
Methods of Acquiring Digital Evidence
Procedures for Collecting Evidence
Collecting Evidence from Live Windows Systems
Acquiring Memory from a Windows System
Acquiring Evidence from Remote Systems or Cloud Storage
Legal Considerations While Collecting Evidence from a Running Computer
Understanding the Chain of Custody
Chapter 2 Lab
Chapter 2 Quiz

Introduction
Live Forensic Imaging Fundamentals
Preparation Process
Live Forensic Imaging Using FTK Imager
Imaging a Virtual Machine
Chapter 3 Quiz

Introduction
Live Forensic Evidence Analysis Concepts
Live Analysis of Captured System Memory
Live Analysis of Captured Disk Image
Analyzing a Running or Live Computer
Assessing and Analyzing Network and System Components
Chapter 4 Quiz

Introduction to Documentation
The Basics of Live Forensic Documentation
What Should Be Documented During Live Forensic Investigations?
The Importance of Live Forensic Documentation
Understanding the Different Live Forensic Documentation Types
Key Best Practices of Live Forensic Documentation
Chapter 5 Quiz

Introduction
Analysis of Captured Memory File Using Volatility
Browser History Analysis
Password Recovery
File Recovery from Disk Images
Event Log Analysis
Using PowerShell to Automate Forensic Tasks
Monitoring a Running System or Network
Live Forensic Case Studies
Chapter 6 Lab
Chapter 6 Quiz

Introduction to Forensic Report Writing
Report Writing Fundamentals
What to Include in Your Forensic Report?
Understanding Your Audience
Chapter 7 Quiz

Course Conclusion and Way Forward

Load more modules

Instructor

Nickson M. Karie

Having worked for different Universities across the globe, Dr Nickson M. Karie is an accomplished Cybersecurity and Forensics professional with over thirteen years of academic teaching and research. Dr Nickson has also worked for different research organizations and published several research articles in peer-reviewed scientific journals and presented his research findings at a scientific conference. Currently, Dr Nickson is working full-time as a Technical Training Manager and a Digital Forensics and Incidence Response (DFIR) Specialist in Australia. Dr Nickson enjoys using his Cybersecurity and Forensics skills and knowledge to contribute to the exciting technological advances happening in different industries and academia in the world. He believes that cybersecurity, Digital Forensics and Incidence Response is not only fundamental part of our daily life but also key to the future of our global digital economy. Dr Nickson graduated from the University of Pretoria, South Africa in 2016 with a PhD in Computer Science and his research interests are in Digital Forensics, Critical Infrastructure Security, Intrusion Detection and Prevention, Information and Computer Security Architecture, Network Security as well as IoT Security. Dr Nickson, therefore, sees Live Forensics as genuinely transformational and, as such, it must be focused on adding value. With the adoption of IoT and cloud technologies Live Forensics will be more valuable in the current and future complex business environments.

Buy this course now

$99.99

Get Immediate access for one year today!

Upgrade to Pro Plans and Get Full Access Today!

Get this course, along with 700+ courses and 50+ learning paths and more in one subscription. Learn more

Unlock All Access

Plans start from $33/mo. Cancel anytime.

Join over 1 Million professionals from the most renowned Companies in the world!

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans

Annual Plans

Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering extensive resources with 600+ courses and diverse Learning Paths to enhance your skills.

^$ 499.00

Billed annually or $59.00 billed monthly

Get Started Now

Start your 7-day trial for $1

What is included

700+ Premium Short Courses
50+ Structured Learning Paths
Validation of Completion with all courses and learning paths
New Courses added every month

Early Access Offer

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

^$ 599.00

Billed annually or $69.00 billed monthly

Get Started Now

Start your 7-day trial for $1

Everything in Pro and

800+ Practice Lab exercises with guided instructions
150+ CTF Challenges with detailed walkthroughs
New Practice Labs and Challenges added every month
3 Official EC-Council Essentials Certifications¹ (retails at $897!)
Exclusive Bonus with Annual Plans

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.

Related Courses

Hands-on FortiGate Firewall

Short Course

Hands-on FortiGate Firewall

Security Architecture and Operations

Learn how to deploy the FortiGate NGFW and how to configure the most common features of FortiGate Next-Gen Firewalls

Learn how to deploy the FortiGate NGFW and how to configure t...

$99.99

Intermediate

3 hr 0 m

Hello
Hands-on SELinux

Short Course

Hands-on SELinux

Security Architecture and Operations

Learn SELinux Basics: Implement Security Policies, Troubleshoot, and Protect Linux Systems Effectively.

Learn SELinux Basics: Implement Security Policies, Troublesho...

$49.99

Beginner

5 hr 28 m

Hello
Complete Bash Shell Scripting

Short Course

Complete Bash Shell Scripting

Security Architecture and Operations

Automate repetitive tasks with Bash Shell Scripting to save valuable time

Automate repetitive tasks with Bash Shell Scripting to save v...

$79.99

Intermediate

18 hr 10 m

Hello
Installing and Mitigating Linux Rootkits

Short Course

Installing and Mitigating Linux Rootkits

Security Architecture and Operations

Understanding the threat posed by rootkits in Linux and potential mitigations.

Understanding the threat posed by rootkits in Linux and poten...

$59.99

Advanced

3 hr 0 m

Hello
Start Hacking and Making Money Today at HackerOne

Short Course

Start Hacking and Making Money Today at HackerOne

Security Architecture and Operations

Hack Legally and Get Paid for Your Findings

Hack Legally and Get Paid for Your Findings

$59.99

Beginner

1 hr 9 m

Hello
PowerShell Scripting Essentials: Anatomy of Logging – Developing a Logging Module

Short Course

PowerShell Scripting Essentials: Anatomy of Logging – Developi...

Security Architecture and Operations

How to write a PowerShell module that contains functions to do logging for our scripts

How to write a PowerShell module that contains functions to d...

$69.99

Intermediate

6 hr 1 m

Hello
Machine Learning for Application in Digital Forensics

Short Course

Machine Learning for Application in Digital Forensics

Security Architecture and Operations

Unlocking the Potential of Machine Learning: From Theory to Practice

Unlocking the Potential of Machine Learning: From Theory to P...

$99.99

Intermediate

4 hr 0 m

Hello
Applied Python Cryptography

Short Course

Applied Python Cryptography

Security Architecture and Operations

Securing your Python code and protecting your users private information by utilizing simple, powerful, and free cryptographic libraries

Securing your Python code and protecting your users private i...

$79.99

Intermediate

4 hr 0 m

Hello