Digital forensics is a process of uncovering, interpreting and recovery of files found on digital devices. There are some tools, which help in analyzing disk image and performing depth analysis of file system.
Course Materials:
Case study and image file : case study zip
autopsy tool : autopsy tool
A brief description on how to retrieve information from an image file using autopsy tool , are listed below:
·
Create
new case as given below
·
Enter
case details such as case name and directory
·
Set
case number and name of the person who is handling the scan
· Here,
case created and now add data source to add the image ( by selecting disk image
or VM file)
·
After
that add image file to the data source
·
Check
all the modules and click next
·
Now
data source has been created successfully to the given local directory
·
Process
of analyzing the image file and loading it to the data source will take some
time. After that we can check all the files by either searching keyword or
manually.
output should be like this : answers
0 comments:
Post a Comment