About this tutorial:
Video duration: 44:30
This is the first tutorial of the Computer forensics course at Duckademy. To do computer forensics, understanding the NTFS file system and the inner workings of resident and non-resident files is a must. To DOWNLOAD the evidence files and the commands used in the tutorial go to
The goal of the Computer forensics course is to teach you how to collect evidence in case of an incident and to investigate how the intruders came in, what data they have stolen, if they have harmed your system.
In addition we will give you advice on what you can do to block the next…