ax200 cil – axiom examinations

Język szkolenia:English


Magnet AXIOM Examinations (AX200) is an intermediate-level course, designed for participants who are familiar with the principles of digital forensics and seeking to use Magnet AXIOM for their investigations.

The course is a training of a digital investigation platform that includes cases of smartphones, tablets, computers, data in the cloud, in one interface of cooperation. Students will gain a deep understanding of the benefits AXIOM’s “artifact first” offer in optimizing investigative efficiency.

Each module of instruction employs extensive scenario-based exercises, to reinforce the learning objectives, and further enhance the participant’s understanding of AXIOM’s functionality, and its application within the forensic workflow.


Duration: 4 days

  • Installation of AXIOM and its core components, AXIOM Process and AXIOM Examine
  • Configuration of AXIOM Process for the optimal acquisition and processing of digital evidence, including the Single Stage Evidence Processing capabilities of AXIOM
  • Identification and decryption of encrypted evidence images such as Bitlocker encrypted drives
  • Analyzing case data in AXIOM Examine to focus on Artifact identification, extraction, further investigation, and validation
  • Use of Magnet.AI to automatically categorize images into known categories to reduce the examiner’s time spent manually categorizing them
  • Use of AXIOM Process to demonstrate basic iOS and Android imaging capabilities including the ingestion and examination of iOS and Android backups
  • Utilization of hash sets, keywords, regular expressions, and filters to identify key artifacts
  • Using Connections Explorer to automatically link artifacts to each other to better tell the story of the artifact and its existence on the suspect’s devices
  • Utilize the functionality of AXIOM Process to leverage Project VIC and CAID files as well as PhotoDNA to categorize images automatically
  • Navigation within the evidence set utilizing multiple Explorers within AXIOM include Case Dashboard, Artifact, File System, Registry, and Connections
  • Using the Dynamic App Finder to discover SQLite databases and extract data from within and keep templates of those databases for use in future examinations
  • Application of tags and comments to prepare case evidence for exporting and reporting
  • Using AXIOM Examine’s visualization tools such as the timeline and worldmap views to emphasize user’s behavior patterns
  • Enhance participant understanding of key artifacts; their locations and formats; the user and system behaviors which created them; and, the manner in which AXIOM recovers them
  • Building intuitive reports and sharing and managing portable cases with stakeholders


  • You will have the knowledge and skills they need to acquire forensic images from computers, tablets, smartphones, and cloud evidence.
  • You will configure the Magnet AXIOM Process to recover the most-relevant artifacts.
  • You will Use Magnet AXIOM Examine to explore the evidence in greater depth, simplifying analysis activities by intuitively linking facts and data.
  • You will prepare key artifacts for collaboration with other stakeholders.

what could you

  • Practice and theoretical training
  • Training materials
  • Chance to get known possibilities of MSAB tools
  • A certificate of completion
  • A pass to the next levels: intermediate and advanced training

who is the
course for?

  • Service employees, policemen and persons with tasks related to computer forensics within the scope of their duties.
  • Forensic analysts.
  • Court experts, people responsible in corporations for responding to IT incidents, IT security specialists.
  • Employees of IT security and SOCs departments in companies.
Dariusz Hajka<br />
Key Account Manager
contact us:
Dariusz Hajka
Key Account Manager