Forums
Main Category
General (Technical,...
check list for FTK/...
 
Notifications
Clear all

check list for FTK/EnCase

 
General (Technical, Procedural, Software, Hardware etc.)
Last Post by mrpumba 14 years ago
4 Posts
3 Users
0 Reactions
874 Views
RSS
mrpumba
 mrpumba
(@mrpumba)
Estimable Member
Joined: 15 years ago
Posts: 116
Topic starter 04/08/2011 10:33 pm  

Is anyone using a check list for processing a case using FTK or EnCase. If so, would you be willing to share your procedure.


   
Quote
 kovar
(@kovar)
Prominent Member
Joined: 18 years ago
Posts: 805
04/08/2011 10:53 pm  

Greetings,

Here is a slightly old workflow document I developed for EnCase. It is *just* a guideline - I always deviate from it to some degree depending on the investigation.

https://integriography.wordpress.com/2009/12/13/encase-workflow-guidelines/

-David


   
ReplyQuote
Fab4
 Fab4
(@fab4)
Estimable Member
Joined: 18 years ago
Posts: 173
04/08/2011 10:55 pm  

The Official EnCase Certified Examiner Study Guide (ISBN-10 0470901063) from Steve Bunting suggests a decent generic process for EnCase in the final chapter. Clearly this can be easily adapted for FTK as clearly your methodology is king.


   
ReplyQuote
mrpumba
 mrpumba
(@mrpumba)
Estimable Member
Joined: 15 years ago
Posts: 116
Topic starter 05/08/2011 5:20 am  

Thanks Fab4 and Kovar, I'll check out the link and look into Steve Bunting's article. Since both cover Encase - I would like to see what others have for FTK.


   
ReplyQuote
Forum Jump:
  Previous Topic
Next Topic  
Share: