Post Sun Apr 23, 2006 3:48 am

Forensic Test image

If new to forensics you can find an interesting image to do practice here. A set of 31 questions is provided, anyone is free to look at the answers (before or after having found them yourselves ;) )

It's also a good way to test new or other tools given that the right answer is provided so that you can compare the results.

It's a lot of stuff to download: 7 raw images, ~650MB each or just 2 EnCase images (both together ~1 GB ). So even if you don't intend to use EnCase download the EnCase images, get FTK-Imager - it need's a dongle only to do analysis, not for imaging purposes - and convert the encase image to a raw image. It's painless and saves a lot of download time.
MCSA:Security (W2k, W2k3)
MCSE:Security (W2k, W2k3)
CPTS, Network+