ax302 – axiom ios examinations
MODULE 1 – COURSE INTRODUCTION
Cover the basic prerequisites for Magnet AXIOM
MODULE 2 – UNDERSTANDING IOS AND APPLE’S SECURITY
Discussion-focused coverage of the iOS operating system’s security functions and structure.
Learn about device protection class keys, understanding the handset lock codes and their function, as well as other functions of the operating system.
MODULE 3 – DEVICE IMAGE TYPES & FILESYSTEM ACQUISITIONS
Compare the different methods in the industry currently to extract filesystem images of iOS devices.
Compare the different levels of filesystem images that can be acquired before and after the entering of the user’s handset lock code. Learn how to explore key artifacts within these different extraction types.
MODULE 4 – IMPORTING DATA IN MAGNET AXIOM
Understand the multiple ways to ingest information and develop a proper workflow for ingesting information from filesystem extractions.
Learn about several AXIOM functions such as Dynamic App Finder, Search for Custom Files by Type, and how to target secure messaging applications.
MODULE 5 – EXPLORING ARTIFACTS IN MAGNET AXIOM
Explore multiple artifacts, including deep diving into artifacts that are core to the iOS file system — core artifacts will be explored in depth including techniques for recovering deleted information from these databases.
Advanced file system artifacts such as PowerLog and KnowledgeC will be covered to talk about application usage times and data amounts. These and other artifacts will be explored to show examiners how to track when targets are interacting physically with a device in a specified timeframe.
Exclusive file system artifacts such as location history, third party applications, and more will also be explored.
- You will learn about key artifacts available only to the file system level extractions and not available in traditional backup style acquisition methods.
- You will learn about Apple’s security measures that are in place and discuss how they can impact acquiring different levels of file system extractions.
- You will learn about artifacts specific to the iOS full file system and its multiple levels of data protection.
- You will learn how to put someone behind a device physically interacting with it, and even sometimes where that device has been.
what could you
- Practice and theoretical training
- Training materials
- Chance to get known possibilities of MSAB tools
- A certificate of completion
- A pass to the next levels: intermediate and advanced training
who is the
- Service employees, policemen and persons with tasks related to computer forensics within the scope of their duties.
- Forensic analysts.
- Court experts, people responsible in corporations for responding to IT incidents, IT security specialists.
- Employees of IT security and SOCs departments in companies.