{
    "id": "261e0416-dd4b-4c96-84c7-367ba192e1a3",
    "name": "How to Acquire Data Using Linux",
    "slug": "how-to-acquire-data-using-linux",
    "status": "published",
    "lab_type": "github",
    "is_sample": false,
    "duration_in_seconds": 1200,
    "metadata": {},
    "session": null,
    "company": "a491bc32-c056-4946-9169-cc053387bada",
    "created": "2022-08-26T20:31:57.223636Z",
    "modified": "2024-04-30T14:36:21.400213Z",
    "is_beta": false,
    "lab_objectives": [],
    "main_learning_area": "3e1aa06f-2e9f-4789-b50d-aa027ad8dcfa",
    "learning_areas": [
        {
            "id": "3e1aa06f-2e9f-4789-b50d-aa027ad8dcfa",
            "name": "Cyber Security",
            "slug": "cyber-security"
        }
    ],
    "categories": [],
    "tags": [],
    "difficulty": null,
    "is_web_access": false,
    "is_lab_experience": false,
    "is_featured": false,
    "cve": null,
    "severity": null,
    "year": null,
    "classification": null,
    "external_url": "https://github.com/ine-content/INE-Public/blob/main/Labs/Lab%202%20-%20How%20to%20Acquire%20Data%20using%20Linux.md",
    "solution_video": null,
    "explanation_video": null,
    "description": "# Scenario\n\nIn this **offline** exercise, we will go through the process of preparing our evidence storage environment, and collecting the most important data from an offline (dead-box) hard disk drive in order to use it later on for analysis and investigations.\n\nThe scope of this lab is using a Linux operating system (<u>that you will set up locally</u>) to perform image acquisition of a hard disk drive.\n\n# Goals\n\n-   Prepare an evidence storage environment\n\n-   Use Linux to prepare forensic images\n\n-   Hash files and drives for validation\n\n-   Bonus: copy forensic images to CD/DVDs\n\n# What you will learn\n\n-   How to prepare the evidence storage (target) environment to store evidence\n\n-   How to organize your evidence storage\n\n-   How to use different Linux tools to create forensic images\n\n-   How to hash files and drives and why\n\n-   How to compress and split forensic images to be stored on CD/DVD drives\n\nTo guide you throughout the lab process, you will find different Tasks. Tasks are designed for educational purposes, as well as to show you the usage of different tools and different methods to achieve the same goal. Please note that Tasks are not meant to be used as a methodology.\n\nArmed with the knowledge acquired from the content and the skills acquired from the Task(s), you can achieve the Lab goal. If this is the first time doing a lab, we advise that you follow these Tasks.\n\nOnce you have completed all Tasks, you can proceed to the end of the lab manual and check the solutions.\n\n# Recommended tools\n\n-   **Virtualbox**\n\n-   **Linux operating system with dd**\n\n-   **Different Linux CLI Commands**\n\n-   **The dcfldd tool**\n\n# The lab set up, tasks & solutions are in the Github Repo Link on the right.",
    "description_html": "<h1>Scenario</h1>\n<p>In this <strong>offline</strong> exercise, we will go through the process of preparing our evidence storage environment, and collecting the most important data from an offline (dead-box) hard disk drive in order to use it later on for analysis and investigations.</p>\n<p>The scope of this lab is using a Linux operating system (<u>that you will set up locally</u>) to perform image acquisition of a hard disk drive.</p>\n<h1>Goals</h1>\n<ul>\n<li>\n<p>Prepare an evidence storage environment</p>\n</li>\n<li>\n<p>Use Linux to prepare forensic images</p>\n</li>\n<li>\n<p>Hash files and drives for validation</p>\n</li>\n<li>\n<p>Bonus: copy forensic images to CD/DVDs</p>\n</li>\n</ul>\n<h1>What you will learn</h1>\n<ul>\n<li>\n<p>How to prepare the evidence storage (target) environment to store evidence</p>\n</li>\n<li>\n<p>How to organize your evidence storage</p>\n</li>\n<li>\n<p>How to use different Linux tools to create forensic images</p>\n</li>\n<li>\n<p>How to hash files and drives and why</p>\n</li>\n<li>\n<p>How to compress and split forensic images to be stored on CD/DVD drives</p>\n</li>\n</ul>\n<p>To guide you throughout the lab process, you will find different Tasks. Tasks are designed for educational purposes, as well as to show you the usage of different tools and different methods to achieve the same goal. Please note that Tasks are not meant to be used as a methodology.</p>\n<p>Armed with the knowledge acquired from the content and the skills acquired from the Task(s), you can achieve the Lab goal. If this is the first time doing a lab, we advise that you follow these Tasks.</p>\n<p>Once you have completed all Tasks, you can proceed to the end of the lab manual and check the solutions.</p>\n<h1>Recommended tools</h1>\n<ul>\n<li>\n<p><strong>Virtualbox</strong></p>\n</li>\n<li>\n<p><strong>Linux operating system with dd</strong></p>\n</li>\n<li>\n<p><strong>Different Linux CLI Commands</strong></p>\n</li>\n<li>\n<p><strong>The dcfldd tool</strong></p>\n</li>\n</ul>\n<h1>The lab set up, tasks &amp; solutions are in the Github Repo Link on the right.</h1>",
    "tasks": "",
    "tasks_html": "",
    "published_date": "2020-10-20T15:32:26Z",
    "solutions": "",
    "solutions_html": "",
    "flags": [],
    "min_points_to_pass": null,
    "access_type": "default",
    "user_status": "unstarted",
    "user_lab_status": null,
    "user_status_modified": null,
    "user_flags": []
}