Course Content

Course Content


The most recent file actions, such as creation, access, and change dates, are recorded in file system metadata. To find objects of considerable forensic value, a digital investigation looks for information on the system, metadata, and chronology analysis.

Hard discs and filesystems are the primary sources of data storage, therefore understanding them is critical when investigating a computer-based crime. When investigating a computer-based crime, retrieving deleted files from hard discs and studying filesystems is critical.

Identification of prospective evidence, acquisition of that evidence, analysis of that evidence, and finally the preparation of a report are the general phases of the forensic process.

A File system is a real world physical representation of information. What makes it more interesting is that the file system can be manipulated and changed in various ways to make it an attack vector. Such attacks are increasingly becoming a reality.

The most popular file system is the one that is located on the virtual hard disk (HDD) - called NTFS. However, there are a growing number of users who are using other file systems like ext3 and ext4. This has led to a growing concern among users that they may be at risk of security issues if they store important files on these file systems.

Recommended Courses

Share With Friend

Have a friend to whom you would want to share this course?

Download LearnVern App

App Preview Image
App QR Code Image
Code Scan or Download the app
Google Play Store
Apple App Store
598K+ Downloads
App Download Section Circle 1
4.57 Avg. Ratings
App Download Section Circle 2
15K+ Reviews
App Download Section Circle 3
  • Learn anywhere on the go
  • Get regular updates about your enrolled or new courses
  • Share content with your friends
  • Evaluate your progress through practice tests
  • No internet connection needed
  • Enroll for the webinar and join at the time of the webinar from anywhere