There's only three exercises at this point. Hopefully, that'll
improve over time. A summary of each exercise is given below.
This exercise directs the student to build and install FTimes, a
system baselining and evidence collection tool. Once, FTimes has
been built and installed, the student will become familiar with
the tool's various modes of operation.
This exercise directs the student to extract the Master Boot
Record (MBR) from an image file and decode its partition table.
Once the table has been deciphered, the student will extract a
specified partition from the image, mount it read only, and map
it with FTimes. The latter part of this exercise requires a Linux
system configured with loopback support.
This exercise directs the student to perform hash resolution using
the HashDig tool suite. The student will create an RPM reference
database and a subject database then resolve the subject hashes
using the reference database. Finally, the resolved hashes will
be bound back to the original filenames.