Security Tools Part 6 (Forensics) Flashcards
What command-line utility is used to copy disk images using a bit by bit copying process?
dd
Note: You use dd to copy a disk image of evidense so that you can use the copy to conduct your investigation
What data preview and imaging tool allows you to quickly assess electronic evidence to determine if it needs further analysis?
FTK Imager
What Linux command-line utility dumps system memory to the standard output stream, skipping over holes in memory maps?
Memdump
What commercial disk editor and universal hexadecimal editor is used for data recovery and digital forensics?
WinHex
What digital forensics platform uses a graphical interface to The Sleuth Kit and other digital forensics tools?
Autopsy