Index
A
- account information, Registry Viewer
- viewing / Account information
- Add button / Column settings
- Additional Analysis feature
- about / The Additional Analysis feature
- Also include option / Creating and managing bookmarks
B
- Biographical Dictionary Generator
- function / Creating and managing dictionaries
- Bookmark Comment option / Creating and managing bookmarks
- Bookmark Name option / Creating and managing bookmarks
- bookmarks
- about / Creating and managing bookmarks
- creating / Creating and managing bookmarks
- creating, options / Creating and managing bookmarks
C
- Cache Common Filters option / Case processing options
- Capture Memory
- about / The Capture Memory feature
- Carved Files / Carving the data
- case report
- creating / Reporting the case
- Cerberus
- about / Malware triage and analysis with Cerberus
- threat analysis / Malware triage and analysis with Cerberus
- static analysis / Malware triage and analysis with Cerberus
- using / Malware triage and analysis with Cerberus
- results, visualizing / Malware triage and analysis with Cerberus
- Cerberus Analysis option / Case processing options
- column settings / Column settings
- components, DNA
- Supervisor / DNA
- compound files
- mounting / Mounting compound files
- e-mail files / Mounting compound files
- compressed files / Mounting compound files
- system files / Mounting compound files
- expanding / Mounting compound files
- compressed files / Mounting compound files
- computer forensics
- about / Introducing computer forensics and FTK
- steps / Introducing computer forensics and FTK, Preparation, Reports and presentation
- preparation, steps / Preparation
- technical trainings / Preparation
- procedural trainings / Preparation
- preservation / Acquisition and preservation
- acquisition, tools / Acquisition and preservation
- analyzing, reasons / Analysis
- Create Thumbnails for Graphics option / Case processing options
- Create Thumbnails for Videos option / Case processing options
- CSV File Listing option / Case processing options
D
- Data Carve option / Case processing options
- data carving
- about / Carving the data
- selecting / Carving the data
- creating / Carving the data
- data storage media
- about / Data storage media
- magnetic media / Data storage media
- optical media / Data storage media
- alternative media / Data storage media
- data visualization
- about / Data visualization
- file data / Data visualization
- e-mail data / Data visualization
- Internet browser history / Data visualization
- opening / Data visualization
- Time line pane component / Data visualization
- Dashboard component / Data visualization
- Data list pane component / Data visualization
- Decrypt Credant Files option / Case processing options
- dictionaries
- creating, with dictionary utility / Creating and managing dictionaries
- modifying, with dictionary utility / Creating and managing dictionaries
- Dictionary Browser
- function / Creating and managing dictionaries
- Dictionary Info
- function / Creating and managing dictionaries
- Dictionary Tools
- Dictionary Browser / Creating and managing dictionaries
- Dictionary Info / Creating and managing dictionaries
- Biographical Dictionary Generator / Creating and managing dictionaries
- Pass-phrase Dictionary Generator / Creating and managing dictionaries
- Permutation Dictionary Generator / Creating and managing dictionaries
- Standard Dictionary Generator / Creating and managing dictionaries
- Golden Dictionary Merge / Creating and managing dictionaries
- dictionary utility
- used, for modifying dictionaries / Creating and managing dictionaries
- used, for creating dictionaries / Creating and managing dictionaries
- DNA
- URL, for downloading / An overview of PRTK
- about / DNA
- Documents checkbox / Refining the case evidence
- downloading
- FTK / Downloading FTK
- DPE
- about / Distributed processing
- dtSearch Text Index option / Case processing options
E
- e-mail files / Mounting compound files
- EFS encryption
- detecting / Detecting the EFS encryption
- EID
- about / Explicit Image Detection
- executing / Explicit Image Detection
- Entropy Test option / Case processing options
- evidence item
- adding / Adding and previewing an evidence item
- previewing / Adding and previewing an evidence item
- Evidence Refinement (Advanced) feature / Refining the case evidence
- Evidence tree viewer / The FTK interface
- Expand Compound Files option / Case processing options
F
- File Comment option / Creating and managing bookmarks
- File content viewer / The FTK interface
- File list viewer / The FTK interface
- files
- exporting / File and folder export
- File Signature Analysis option / Case processing options
- File to Include option / Creating and managing bookmarks
- filters
- working with / Working with filters
- creating / Working with filters
- Filter toolbar / Working with filters
- Flag Bad Extensions option / Case processing options
- Flag Duplicate Files option / Case processing options
- folders
- exporting / File and folder export
- forensic image
- creating, FTK Imager used / Acquisition tools
- creating / Creating forensic images
- mounting / Mounting the image
- FTK / Introducing computer forensics and FTK
- downloading / Downloading FTK
- prerequisites / Prerequisites for FTK
- installing / Installing FTK and the database
- installing, steps / Installing FTK and the database
- running, for first time / Running FTK for the first time
- Registry Viewer, integrating with / Integrating with FTK
- columns settings templates, accessing / Column settings
- FTK 5
- FTK 5, features
- distributed processing / Distributed processing
- encryption support / Encryption support
- data visualization / Data visualization
- single-node enterprise / The Single-node enterprise
- advanced volatile / Advanced volatile and memory analysis
- memory analysis / Advanced volatile and memory analysis
- wxplicit Image detection / Explicit Image Detection
- malware triage / Malware triage and analysis with Cerberus
- threat analysis / Malware triage and analysis with Cerberus
- MPE / Mobile Phone Examiner
- FTK Imager
- used, for creating forensic image / Acquisition tools
- image formats / Image formats
- interface / The FTK Imager interface
- FTK Imager functionality
- evidence item, adding / Adding and previewing an evidence item
- evidence item, previewing / Adding and previewing an evidence item
- forensic image, creating / Creating forensic images
- forensic image, mounting / Mounting the image
- Capture Memory feature / The Capture Memory feature
- protected files, obtaining / Obtaining the protected files
- EFS encryption, detecting / Detecting the EFS encryption
- FTK Interface
- about / The FTK interface
- Menus/Toolbar option / The FTK interface
- Tabs option / The FTK interface
- Evidence tree viewer / The FTK interface
- File list viewer / The FTK interface
- File content viewer / The FTK interface
- Fuzzy Hash option / Case processing options
G
- Generate Common Video File option / Case processing options
- Golden Dictionary Merge
- function / Creating and managing dictionaries
H
- hash / Narrowing the case with KFF
- HTML File Listing option / Case processing options
I
- image formats
- supported by FTK Imager / Image formats
- Include Deleted Files option / Case processing options
- Index Refinement (Advanced) feature / Refining the case evidence
- index search
- about / The Index Search and Live Search options
- performing / The Index Search and Live Search options
- installation
- interface, FTK Imager / The FTK Imager interface
- menu bar / The menu bar
- toolbar / The toolbar
- view panes / The view panes
- interface, PRTK
- functions / Understanding the PRTK interface
- investigation case
- creating / Creating a new investigation case
- FTK interface / The FTK interface
- processing options / Case processing options
- evidence, refining / Refining the case evidence
- investigation case evidence
- refining options, setting / Refining the case evidence
K
- KFF
- about / Narrowing the case with KFF
- using / Narrowing the case with KFF
- database, importing / Narrowing the case with KFF
- running / Narrowing the case with KFF
- results, using / Narrowing the case with KFF
- KFF Alert Files / Narrowing the case with KFF
- KFF Ignore Files / Narrowing the case with KFF
- KFF option / Case processing options
L
- language Identification option / Case processing options
- live search
- about / The Index Search and Live Search options
- conducting / The Index Search and Live Search options
M
- Match Fuzzy Hash Library option / Case processing options
- MD5 Hash option / Case processing options
- memory analysis
- starting / Advanced volatile and memory analysis
- menu bar, FTK Imager interface / The menu bar
- Meta Carve option / Case processing options
- MPE
- about / Mobile Phone Examiner
- smartphone analysis sample / Mobile Phone Examiner
N
- National Institute of Standards and Technology (NIST) / Narrowing the case with KFF
- new user
- adding / Managing groups and users
- rights, assigning / Managing groups and users
- password, changing / Managing groups and users
O
- Optical Character Recognition (OCR) option / Case processing options
P
- Pass-phrase Dictionary Generator
- function / Creating and managing dictionaries
- password recovery, PRTK
- profile, managing / Managing profiles
- Password Recovery Toolkit (PRTK) / Encryption support
- Perform Automatic Decryption option / Case processing options
- Permutation Dictionary Generator
- function / Creating and managing dictionaries
- PhotoDNA option / Case processing options
- processing options, investigation case
- about / Case processing options
- MD5 Hash / Case processing options
- SHA-1 Hash / Case processing options
- SHA-256 Hash / Case processing options
- Fuzzy Hash / Case processing options
- Match Fuzzy Hash Library / Case processing options
- Flag Duplicate Files / Case processing options
- KFF / Case processing options
- PhotoDNA / Case processing options
- Expand Compound Files / Case processing options
- File Signature Analysis / Case processing options
- Flag Bad Extensions / Case processing options
- Entropy Test / Case processing options
- dtSearch Text Index / Case processing options
- Create Thumbnails for Graphics / Case processing options
- Create Thumbnails for Videos / Case processing options
- Generate Common Video File / Case processing options
- HTML File Listing / Case processing options
- CSV File Listing / Case processing options
- Data Carve / Case processing options
- Meta Carve / Case processing options
- Optical Character Recognition (OCR) / Case processing options
- Explicit Image Detection / Case processing options
- Registry Reports / Case processing options
- Include Deleted Files / Case processing options
- Cerberus Analysis / Case processing options
- Send Email Alert on Job Completion / Case processing options
- Decrypt Credant Files / Case processing options
- Cache Common Filters / Case processing options
- Perform Automatic Decryption / Case processing options
- language Identification / Case processing options
- Process Internet Browser History for Visualization option / Case processing options
- profile
- about / Managing profiles
- protected files
- obtaining / Obtaining the protected files
- PRTK
- URL, for downloading / An overview of PRTK
- password recovery / Starting a session for password recovery
- PRTK interface
- functions / Understanding the PRTK interface
R
- regex / Regular expressions
- Registry Reports option / Case processing options
- Registry Summary Reports (RSR) / Case processing options
- Registry Viewer
- features / The main feature of Registry Viewer
- report, generating / Generating a report
- integrating, with FTK / Integrating with FTK
- Time Zone, setting / Identifying the Time Zone setting
- account information, viewing / Account information
- report, Registry Viewer
- generating / Generating a report
- Report Outline box / Reporting the case
S
- Select Bookmark Parent option / Creating and managing bookmarks
- Send Email Alert on Job Completion option / Case processing options
- SHA-1 Hash option / Case processing options
- SHA-256 Hash option / Case processing options
- single-node enterprise
- about / The Single-node enterprise
- using / The Single-node enterprise
- Standard Dictionary Generator
- function / Creating and managing dictionaries
- static analysis / Malware triage and analysis with Cerberus
- Supervisor / DNA
- Supplementary Files option / Creating and managing bookmarks
- system files / Mounting compound files
T
- threat analysis / Malware triage and analysis with Cerberus
- Timeline Bookmark option / Creating and managing bookmarks
- Time Zone
- setting / Identifying the Time Zone setting
- time zone
- changing / Changing the time zone
- Time Zone option / Creating a new investigation case
- toolbar, FTK Imager interface / The toolbar
V
- view panes, FTK Imager interface / The view panes
- volatile data
W
- Windows registry files
- structure / Understanding the Windows registry structure
- Worker / DNA