The students will build their own SAFEs, copy the files needed to complete the process, send those files to Opentext, and complete the SAFE build
Included in the build will be firewall configuration, which will result in the SAFE running on each of the student systems
Using the SAFEs that the students built, they will logon the first time. The students will learn how to configure the EnCase® Examiner, make successful connections, backup the SAFE, and conduct basic troubleshooting activities.
The students will learn the purpose and function of servlets. They will walk through the installation and deployment processes on single and multiple machines, and they will
confirm that the servlet is running correctly
They will reinforce these skills by participating in a practical exercise
The students will learn how to create new network entries as well as add roles and users
Día 2
The students will create a new GPO and edit the firewall port exceptions
The students will utilize their installed EnCase Enterprise to preview the content of hard drive(s) contained on network nodes that are running their servlets
The students will become familiar with the acquisition options, techniques, and functionality available in EnCase Enterprise
The students will use their SAFEs and the Snapshot function to take a ‘snapshot’ of a target machine and review and examine the resulting volatile data
Día 3
The students will learn how to create and use filters and conditions to identify running and potentially suspicious processes
The students will identify a rogue process, analyze its footprint, and examine the memory associated with it
The students will receive an introduction to the servlet check-in feature, learning how to setup the configuration for the servlet and the SAFE, and interacting with the servlet through the check-in feature
Día 4
The students will increase their understanding of the e-discovery process and skill set using EnCase Enterprise to identify pertinent data
They will walk through an e-discovery process and locate and compile responsive data
Encryption
The students will be given an understanding of the available options when trying to decipher encrypted data and the likelihood of success from these efforts
They will view practical examples practical examples of the different decryption methodologies available:
Identifying and decrypting an encrypted ZIP archive and TrueCrypt volume file
Identifying and recovering Protected Storage Area data and Windows® user names and passwords
EnCase Enterprise bookmarking and advanced reporting techniques
The students will gain an understanding of bookmarking concepts and learn how to create bookmarks from highlighted and Snapshot data
They will create different types of bookmarks and acquire an understanding of how they are used
They will use templates included with EnCase Enterprise to create basic reports
They will customize templates for specialized reports