Over the course of the day, attendees in the beginner track will participate in a range of activities meant to introduce the BitCurator environment and prepare participants for the proceedings on Day 2 of the User Forum. The morning will start with a brief introduction to digital forensics and how it relates to the work performed in libraries, archives, and museums (note: due to time constraints and subject complexity, this introduction cannot be comprehensive). The introduction touches on the foundational concepts of forensic analysis, defines terms that will recur throughout the day, and closes by tying those concepts broadly to archival practice. Following the introduction, the remainder of the morning will consist of a tour of the BitCurator environment, including the various GUI and command-line tools included in the environment. Participants will be invited to follow along on their own computers.

In the afternoon, a series of group and individual exercises will give participants the opportunity to run the core set of forensics tools on sample disk images and reflect on those experiences. The bulk of the exercises will be focused on the core set of BitCurator tools. Exercises and discussion will address running bulk_extractor, analyzing its reports, and the decision points raised by them; running fiwalk and exploring the metadata it generates; and running the BitCurator Reporting Tool and comparing the reports to those generated by bulk_extractor and fiwalk. A secondary set of exercises will be devoted to the additional tools included in the BitCurator environment. This latter group will be more discussion based, as the tools themselves are in varying states of support or maintenance, with the primary goal of communicating to participants the range of possibilities available to BitCurator users with these and other tools available in Linux environments.

Participants should bring a laptop computer that satisfies the minimum requirements for running BitCurator in a virtual machine. Further, participants should have downloaded the BitCurator environment. Time at the beginning of the day will be set aside to troubleshoot as much as possible; however, downloading the software over a wireless connection takes a fair amount of time and should be performed in advance of the Forum.