Presentation is loading. Please wait.

Presentation is loading. Please wait.

Encase Screenshots.

Published byIsaac Payne Modified over 6 years ago

Similar presentations

Presentation on theme: "Encase Screenshots."— Presentation transcript:

1 Encase Screenshots

2 Acquire

3 When you acquire evidence, you can choose from among the local devices

4 You enter details about the case (if you don’t have a case open already).

5 And you set some options about how you want to acquire the evidence in question.

6 Disk View

7 You can view a map of the sectors on the disk, showing status of each (allocated, bad, part of the FAT, etc.) and the contents of the selected block in hex and ascii.

8 File Signatures

9 The file signature feature uses heuristics to assign a type to a file using the file extension and the contents of the file.

10 General File View

11

12

13 Gallery View

14 This is an awesome feature – finds images by signature or extension and displays a catalogue of them all.

15 You can also zero-in on a single picture in the file view.

16 String, Hash Searches

17 You can search for regular expression matches

18

19 You can add hash sets to encase, and import sets from HashKeeper
You can add hash sets to encase, and import sets from HashKeeper. Once imported, you can choose which sets to employ in your searches.

20 This shows the results of matching files against hash sets
This shows the results of matching files against hash sets. The “Hash Set” column shows what “package” the file belongs to. The comments in the signature column tell you about interesting bits – for instance, logo.sys is a bitmap even though its extension is .sys.

21 Reconstruction

22

23 Registry Review

24

25 Reports

Download ppt "Encase Screenshots."

Similar presentations

Using DGIS Forms, the following tutorial will demonstrate how to create and process a shipping paper.

Using DGIS Forms, the following tutorial will demonstrate how to create and process a shipping paper.
Free Space and Allocation Issues

Free Space and Allocation Issues
CS4432: Database Systems II Hash Indexing 1. Hash-Based Indexes Adaptation of main memory hash tables Support equality searches No range searches 2.

CS4432: Database Systems II Hash Indexing 1. Hash-Based Indexes Adaptation of main memory hash tables Support equality searches No range searches 2.
An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.

An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.
Choose the right picture. 1 2 3 4 5 6 7 8.

Choose the right picture
File System Analysis.

File System Analysis.
Computer & Network Forensics

Computer & Network Forensics
1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
Encase Overview. What is Encase EnCase Forensic is the industry standard in computer forensic investigation technology. Encase is a single tool, capable.

Encase Overview. What is Encase EnCase Forensic is the industry standard in computer forensic investigation technology. Encase is a single tool, capable.
1 Agenda Views Pages Web Parts Navigation Office Wrap-Up.

1 Agenda Views Pages Web Parts Navigation Office Wrap-Up.
Classes and objects Practice 2. Basic terms  Classifier is an element of the model, which specifies some general features for a set of objects. Features.

Classes and objects Practice 2. Basic terms  Classifier is an element of the model, which specifies some general features for a set of objects. Features.
Training Course 2 User Module Training Course 3 Data Administration Module Session 1 Orientation Session 2 User Interface Session 3 Database Administration.

Training Course 2 User Module Training Course 3 Data Administration Module Session 1 Orientation Session 2 User Interface Session 3 Database Administration.
Vendor Module Screens. Screen 1 - Vendor Material This feature allows VENDOR to enter PO and list all the material from that vendor. This will help vendor.

Vendor Module Screens. Screen 1 - Vendor Material This feature allows VENDOR to enter PO and list all the material from that vendor. This will help vendor.
CarePlace – a great way to profile your service. What is CarePlace? CarePlace is a web based information and advice directory profiling and promoting.

CarePlace – a great way to profile your service. What is CarePlace? CarePlace is a web based information and advice directory profiling and promoting.
WDV 331 Dreamweaver Applications Find and Replace Dreamweaver CS6 Chapter 20.

WDV 331 Dreamweaver Applications Find and Replace Dreamweaver CS6 Chapter 20.
Ecomdash Ecomdash Academy Lesson Plan Creating a Amazon listing 1:08 / 4:27.

Ecomdash Ecomdash Academy Lesson Plan Creating a Amazon listing 1:08 / 4:27.
Bits, Bytes, Files, Hard Drives. Bits, Bytes, Letters and Words ● Bit – single piece of information ● Either a 0 or a 1 ● Byte – 8 bits of information.

Bits, Bytes, Files, Hard Drives. Bits, Bytes, Letters and Words ● Bit – single piece of information ● Either a 0 or a 1 ● Byte – 8 bits of information.
Build Your Own Website Review of week 3 Editing your header Editing your header Creating and navigating to hidden pages Creating and navigating to hidden.

Build Your Own Website Review of week 3 Editing your header Editing your header Creating and navigating to hidden pages Creating and navigating to hidden.
File Storage Organization The majority of space on a device is reserved for the storage of files. When files are created and modified physical blocks are.

File Storage Organization The majority of space on a device is reserved for the storage of files. When files are created and modified physical blocks are.
Obtaining MISR Data and Information Nancy Ritchey Atmospheric Science Data Center March 20, 2006.

Obtaining MISR Data and Information Nancy Ritchey Atmospheric Science Data Center March 20, 2006.

Similar presentations

Ads by Google