Course Content

Course Description

Additionally, in this course we cover options for pulling or pushing the Evimistry live collection agent directly from the my.evimetry.com website to a running computer.  We walk through each of these scenarios step-by-step using all the Evimetry tools.

Prerequisites

  • Before any forensic acquisition you must document the evidence
  • See my Cybrary course: “Evidence Handling: Do it the Right Way”
  • See my Cybrary course: “Basic Evimetry Deadboot Forensic Acquisition: Wired & Local”
  • Get a full featured, evaluation copy of Evimetry (Link found in Syllabus)
  • Internet connected computer
  • An “evidence” computer or drive
  • A USB thumbdrive for dead booting
  • A network
  • A DHCP source
  • A storage drive (USB3 External)

Course Goals

By the end of this course, students should be able to:

  • Create an Evimetry Allocated-Only Forensic Image
  • Create an Evimetry Non-Linear Partial Forensic Image (File-Type Image)
  • Create an Evimetry Live Forensic Image of a Windows Target System
  • Examine the Downloadable Pull & Push Evimetry Live Agents

Instructed By

Instructor Profile Image
Brian Dykstra
CEO and President of Atlanta Data Forensics
Instructor

Delivered By

Atlantic Data Forensics

Industry leader in digital evidence collection and forensics.

Provided By

Cybrary

Certificate of Completion

Certificate Of Completion

Complete this entire course to earn a Advanced Evimetry Forensic Acquisition: Allocated, Non-Linear Partial, and Live Images Certificate of Completion