We offer a 2-Day hands-on, instructor-led training for Triage-G2^® (TG2).  Trainees in this forward operator forensic triage training will learn how to configure Triage-G2^®, operate the software and interpret results.

Deployment: The triage tool is ideal for special operations and forward operators as it is deployed for reconnaissance on a small, portable USB key.

Course Outline

Introductions & Getting Started

• Digital Forensic Triage Basics
• Overview of How to Use Triage-G2^®
  • Triage-G2^® Terminology – Artifact Captures
  • Triage-G2^® Terminology – File Captures
  • Triage-G2^® Search Profiles – Quick, Intermediate, and Comprehensive
  • Triage-G2^® Workflow

Setup & Installation

• Triage-G2^® software installation and the Windows Assessment and Deployment Kit (WADK)

Booting and BIOS

• Accessing BIOS/UEFI Setup
• Accessing Boot Menu
• UEFI and Fastboot Issues
• Booting Apple Macintosh computers

Capture: Conducting a Scan

• Case Study: Scanning attached media
• Case Study: Scanning drive images
• Case Study: Carrying out a boot scan
• Case Study: Carrying out a live scan

Analysis: Navigating Triage-G2

• Navigating Capture Results
• Understanding Picture, Video, Keyword, Files and Timeline Views
• Column Settings
• Filtering Captures and Picture, Video, Keyword, Files and Timeline Views
• Tagging
• Commenting

Reporting

• Case Study: Creating appropriate reports
• Reporting – HTML
• Reporting – CSV
• Reporting – Stand-alone viewer

Imaging

• Device Imaging

Advanced Issues

• Importing Search Profiles
• Implications of thorough file identification and searching within containers
• File type creation and implications
• Searching browser cache issues
• Case Study: Knowledge check

Get in touch with us today to discuss your training needs, learn more, or set up a private training for your forward operators, special forces, investigators or examiners.