Scribd
Upload
27 views4 pages

File System Analysis Training Course

Uploaded by

kanortubes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
27 views4 pages

File System Analysis Training Course

Uploaded by

kanortubes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Si

labusTr
aini
ngFi
leSy
stem Anal
ysi
s

Ov
erv
iew
Successi ndigit
alforensicinvesti
gati
onsi sinseparablefrom adeepunder standingoff i
l
e
systems.Thisisbecauseev erykindsoffil
esyst em provi
desdiff
erentmechani
sm f oruser
sto
store datain hier
archyoff i
l
es and direct
ories.Thi s 5-
days cour
se wil
lteach y ou f
rom
understandi
ngaboutdef i
nit
ionoff i
lesyst
em,howspeci fi
cf i
l
esystemsaredesignandwhati s
uniqueaboutthem withrespecttodigi
talf
orensicinvesti
gati
on.

Whoshoul
dat
tend?

 Di
git
alFor
ensi
candI
nci
dentResponderTeam

 I
TSecur
it
yPr
ofessi
onal

Whatwi
llIl
ear
n?

 Under
standt
hekeyconcept
soff
il
esy
stem

 Per
for
mingf
il
esy
stem anal
ysi
sinwi
ndows,
li
nuxandMacOS

 Under
standabouthowev
eryki
ndoff
il
esy
stem st
oredat
a

Modul
eI–Fi
leSy
stem Anal
ysi
s

 Whati
saFi
l
eSy
stem?

 Fi
l
eSy
stem Cat
egor
y

 Cont
entCat
egor
y

 Met
adat
aCat
egor
y

 Fi
l
eNameCat
egor
y

 Appl
i
cat
ionCat
egor
y

 Appl
i
cat
ion-
lev
elSear
chTechni
ques

 Spesi
fi
cFi
l
eSy
stems

Modul
eII–FATConcept
sandAnal
ysi
s
 I
ntr
oduct
ion

 Fi
l
eSy
stem Cat
egor
y

 Cont
entCat
egor
y

 Met
adat
aCat
egor
y

 Fi
l
eNameCat
egor
y

Modul
eII
I–FATDat
aSt
uct
ures

 BootSect
or

 FAT32FSI
NFO

 FAT

 Di
rect
oryEnt
ri
es

 LongFi
l
eNameDi
rect
oryEnt
ri
es

Modul
eIV–NTFSConcept
s

 I
ntr
oduct
ion

 Ev
ery
thi
ngi
saFi
l
e

 MFTConcept
s

 MFTEnt
ryAt
tri
but
eConcept
s

 I
ndexes

 Anal
ysi
sTool
s

Modul
eV–NTFSDat
aSt
ruct
ures

 Basi
cConcept
s

 St
andar
dFi
l
eAt
tr
ibut
es

 I
ndexAt
tri
but
esandDat
aSt
ruct
ures

 Fi
l
eSy
stem Met
adat
aFi
l
es
Modul
eVI–Ext
2andExt
3Concept
sandAnal
ysi
s

 I
ntr
oduct
ion

 Fi
l
eSy
stem Cat
egor
y

 Cont
entCat
egor
y

 Met
adat
aCat
egor
y

 Fi
l
eNameCat
egor
y

 Appl
i
cat
ionCat
egor
y

Modul
eVI
I–Ext
2andExt
3Dat
aSt
ruct
ures

 Super
block

 Gr
oupDescr
ipt
orTabl
es

 Bl
ockBi
tmap

 I
nodes

 Ext
endedAt
tri
but
es

 Di
rect
oryEnt
ry

 Sy
mbol
i
cLi
nk

 Jour
nal
Dat
aSt
ruct
ures

Modul
eVI
II–UFS1andUFS2Concept
sandAnal
ysi
s

 I
ntr
oduct
ion

 Fi
l
eSy
stem Cat
egor
y

 Cont
entCat
egor
y

 Met
adat
aCat
egor
y

 Fi
l
eNameCat
egor
y

Modul
eIX–UFS1andUFS2Dat
aSt
ruct
ures
 UFS1Super
block

 UFS2Super
block

 Cy
li
nderGr
oupSummar
y

 UFS1Gr
oupDescr
ipt
or

 UFS2Gr
oupDescr
ipt
or

 Bl
ockandFr
agmentBi
tmaps

 UFS1I
nodes

 UFS2I
nodes

 UFS2Ext
endedAt
tri
but
es

 Di
rect
oryEnt
ri
es

Modul
eX–HFSconcept
sandanal
ysi
s
Modul
eXI–HFSdat
ast
ruct
ures

You might also like