This seminar covers how data is physically stored in a computer system, and provides detailed information on RAM, ROM, Flash, CD, DVD, Hybrid Hard Disks, and Blu-Ray. Learn about the recovery potential from a variety of storage devices.
| Level: |
Basic
|
| Audience: |
Cyber forensics investigators |
| Topics: |
- Data storage architectures
- Standalone system storage architecture
- Data center storage architectures
- Understanding block storage devices
- Blocks
- Addressing
- Reserved blocks
- Interfaces
- RAID
- Understanding magnetic storage
- Architecture
- Disk vs. tape
- Hard disk vs. floppy disk
- Reading and writing
- Understanding flash memory
- NAND and NOR
- Architecture
- Pages and blocks
- Reading, writing, and erasing
- TRIM command
- Wear leveling
- Partitions and volumes
- Partition features
- Partition implementation
- Disk images
- Windows volumes
- Examining partitions and volumes
- Finding evidence of volumes
- Encrypted storage
- Host software encryption
- Hardware encryption
- Non-traditional storage locations
- Motherboard
- PCIe and mSATA devices
- Media-specific details and recovery potential
- Magnetic disks
- Solid state disks
- Hybrid and "hinted" hard disks
- RAM
- ROM
- CD
- DVD
- Blu-Ray
- Compact flash (CF) card
- Secure Digital (SD) card
- Multi-Media Card (MMC)
- Smart card
|
| Operating systems supported: |
All Windows versions |
| Durations and formats: |
2 days with labs
|
