Forensic investigator, Part 09 of 10: Cloud and Web Forensics

Course description

The Cloud is everywhere and along with it comes unique challenges for an investigator such as Infrastructure as a service, jurisdictional issues, data locations and web applications. Who owns the data? is it in the same country? how do you find it? This course will guide you through some of these challenges, threats and pitfalls of investigating in the cloud.

Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.

Prerequisites

This is part 9 of the series.

Meet the expert

David Bigger

David Bigger is the lead trainer at Bigger IT Solutions. He has been information technology for a little over 20 years and has been training all over the US. He has worked with companies like US Military, Lockheed Martin, General Dynamics, Dominos Pizza, University of Utah and Expedia

Video Runtime

102 Minutes

Time to complete

122 Minutes

Course Outline

Cloud and Web Forensics

Cloud Review (16:58)

• Introduction (00:18)
• Cloud Review (05:45)
• Cloud Review (Cont.) (00:47)
• IaaS (02:26)
• PaaS (01:58)
• SaaS (02:06)
• Deployment Models (02:28)
• Cloud Forensics (00:51)
• Summary (00:15)

Cloud Threats (13:56)

• Introduction (00:22)
• Cloud Computing Threats (02:22)
• Insecure Interfaces and APIs (02:23)
• Malicious Insiders (01:09)
• Policy and Procedure Differences (01:22)
• Isolation Failure (01:45)
• Cloud Provider Acquisition (01:16)
• Subpoena and E-Discovery (01:39)
• VM-Level Attacks (01:16)
• Summary (00:17)

Challenges (13:29)

• Introduction (00:22)
• Challenges to Cloud Forensics (06:21)
• Challenges to Cloud Forensics (Cont.) (04:11)
• More Challenges to Cloud Forensics (02:15)
• Summary (00:17)

Dropbox Example (08:27)

• Introduction (00:17)
• Dropbox Forensic Example (01:02)
• Dropbox (00:54)
• Dropbox Version History and Events (02:40)
• Dropbox Settings (02:31)
• Dropbox and Forensic Tools (00:44)
• Summary (00:16)

Web Application Review (05:41)

• Introduction (00:24)
• Web Application Review (01:56)
• Web Application Layers (03:06)
• Summary (00:13)

Web Threats (13:20)

• Introduction (00:22)
• Web Application Threats (02:31)
• Types of Threats (05:32)
• More Types of Threats (04:34)
• Summary (00:18)

Investigation Steps (09:37)

• Introduction (00:23)
• Investigative Steps to Follow (00:56)
• Beginning Investigation Steps (01:22)
• More Investigation Steps (03:21)
• Further Investigation Steps (01:41)
• Final Investigation Steps (01:28)
• Summary (00:23)

Windows Investigation (11:58)

• Introduction (00:21)
• Windows-Based Investigation (00:48)
• Logs (02:55)
• Command Line Tools (01:34)
• Command Line Tools to Run (Cont.) (02:47)
• More Command Line Tools (03:12)
• Summary (00:19)

Linux Investigation (08:53)

• Introduction (00:22)
• Linux-Based Investigation (01:37)
• Apache Logs (01:24)
• Error and Access Logs (01:39)
• Common Log Format (03:30)
• Summary (00:18)