Currently, computers are increasingly user for illicit activities, in this scenario, as such it is necessary for respond incidents of security to use Computer Forensics best practices, even if not a formal criminal investigation take place. This article how about post mortem forensic of medias especially the hard disks. Several tests and evaluations can be do in each layer of abstraction, in order to recovery data with quality to identify evidence . This evidence can be block of data or even a file related to the security incident being investigated that will henceforth be treated as an artifact. It is true that to perform a forensic analysis, to demand methodology and also appropriate tools.About the Methodology Analysis in Five Layers that proposing a treatment in each layer of abstraction allowing the identification of each data that can be relevant in the analysis of incident and to meet the need of appropriate tools, the use FOSS tools, is an interesting alternative, since the number of projects developed by this community, for computer forensic, is significant and of sufficient quality to allow the realization of all the forensic computational process.
Who should attend:
Law enforcement officers, federal agents, or detectives who want to master computer forensics and expand their investigative skillset to include data breach investigations, intrusion cases, and tech-savvy cases
Incident response team members who are responding to complex security incidents/intrusions and need to utilize computer forensics to help solve their cases
Computer Forensic professionals who want to solidify and expand their understanding of file system forensic and incident response related topics
Information security professionals with some background in hacker exploits, penetration testing, and incident response
Information security managers who would like to master digital forensics in order to understand information security implications and potential litigation related issues or manage investigative teams
