This workshop was developed to provide an introduction to the exciting and growing field of computer crime investigations and computer forensics.
- Course Outline
This workshop was developed to provide an introduction to the exciting and growing field of computer crime investigations and computer forensics. It is designed to train investigators in electronic discovery and the fundamentals of conducting an effective computer forensic examination.
The workshop provides an introduction to the field of computer forensics and the basis for gathering electronic digital artifacts. Participants are introduced to the concepts, situations and personalities they may encounter while investigating an incident.
Computer Forensic Analysis is ideal for someone new to the computer forensic field. However, this course is also valuable to someone who has been in the field for a while and would like to brush up on a few topics. The attendee will learn through instruction and practical exercises sound forensic imaging procedures, how to conduct examinations, and validate forensic operations as well as how to report findings in a clear and concise manner.Audience
The "Computer Forensic Analysis" workshop is specifically designed for corporate and government personnel who, in the performance of their duties may be asked to conduct a basic digital forensic examination. This workshop is essential to information security, risk management, loss prevention, corporate security and law enforcement personnel who encounter digital evidence while conducting an investigation.How You Will Benefit
This workshop examines and teaches the methodology for conducting a computer forensic examination.
Upon completion of this course, participants will have the skills and knowledge to perform forensically sound computer examinations and to clearly and concisely report on their findings.What will you get?
- Fundamentals of computer crime investigations and computer forensics
- State of the art, current research
- Hands on labs that are designed to train government, corporate, military and law enforcement investigators to conduct legally approved forensics methodology for electronic discovery and digital evidence gathering
- Fundamentals of conducting an effective computer forensic examination
- Incident investigation Forensic examination
- Electronic discovery and digital evidence
- Tools of the trade
- Seizure concepts
- Bit-by-bit imaging digital media and preserving the integrity of the image
- Hiding and discovering potential evidence Recovering, categorizing and analyzing data
- Understanding anti-forensics and steganography
- Identifying and reconstructing information within various file systems
- Recovering electronically stored data for civil litigation
- Conducting an investigation into a complaint of sexual harassment
- Investigating a misappropriations of proprietary information complaints
- Evaluate the scene
- Collect important data and information
- Document what is relevant Interview personnel
- Maintain chain-of-custody Write a report of findings
- How a computer has been used
- What data is stored on the hard drive?
- Has data been copied off of the computer?
- What websites have been visited?
- What e-mails have been sent and received?
- What data has been deleted, and why?
- Fundamentals of Computer Forensics
- Computer Crimes and Criminals
The Legal System
- Legalese, Warrants, Case Law and Courtroom Testimony
- Initial Contact
- First Responder
- Law, Investigations, Standards and Ethics
- Criminal Incidents
- Civil Incidents
- Computer Fraud
- Internal Threats
- External Threats
Digital Evidence Presentation
- The Best Evidence Rule
- Digital Evidence: Hearsay
- Authenticity and Alteration
- Case Documentation
- First Responder
- Seizing Assets
- Hardware Recognition
- Incident / Equipment Location
- Available Response Resources
- Securing Digital Evidence
- Chain of Custody
- Potential Digital Evidence
- Lab Planning and Funding
- Court Room Testimony
- Disk Based Operating Systems
- OS and File Storage Concepts
- Disk Storage Concepts
- Slack Space
- File Management
- File Formats
- Operating Systems
- Boot Sequences
- Forensic Boot Disk
- File & Data Compression
- BIOS & Password Bypass
- Physical Disk Structures
- Logical Disk Structures
- RAID and Large Storage
- Digital Acquisition
- Digital Acquisition Procedures
- Digital Forensic Analysis Tools
- Hashing/Hash Sets
- Sterile Media and Validation
- Forensic Backup Theory
- Forensic Hardware
- Disk Write Blockers and Imagers
- EXT 2 & 3
Forensic Examination Protocols
- What is Forensic Science?
- Applying the Scientific Method
- Cardinal Rules
- Tools of the Trade
- Forensic Tools
- Anti-Forensic Tools
Digital Evidence Protocols
- Digital Evidence Concepts
- Active Data
- Archival Data
- Backup Data
- Residual Data
- Background Data
Protocols and Architectures
- Network Protocols and Architectures
- Protocols and Network Artifacts
- Internet Artifacts - Browsers, history cache & cookies
- Email Headers and Email recovery
- Chat and IM (IRC, AIM, ICQ)
- Peer-to-Peer File Sharing
- On-Line Investigations
OS Evidence - Artifacts and Remnants
- File Headers
- File/Data Compression
- BIOS and Password Bypass
- Windows Registry, Artifacts and Remnants
- Prerequisites & Certificates
This course has been created to ensure the student has the required skill set to perform forensically sound computer examination and document the findings in a clear concise report. Participants must be familiar with common computer functions. This workshop caters to those with no previous experience in computer forensics.
CPE Credit Information All participants are eligible to receive CPE credits. These credits are recognized by ISACA for CISA and CISM and (ISC)2 for CISSP continuing professional education hours and, where appropriate, by other professional organizations. Attendees are urged to contact their certifying body to determine eligibility. Student Materials The student kit includes a comprehensive workbook and other necessary materials for this class.
- Cancellation Policy
10 business day cancellation policy. if the course is confirmed and the student cancels within 10 days of the course, then they get charged and apply a credit for future courses. If they cancel outside of 10 business days, then there are no charges at all.
- Map & Reviews
[ View Provider's Profile ]
ReviewsHere are some reviews of the training vendor.
This course has not yet been rated by one of our members.
If you have taken a course through this vendor please log into your account and leave feedback for this vendor. You will be helping ensure our members get directed to the best training facilities.
This course currently does not have any dates scheduled. Please call 1-877-313-8881 to enquire about future dates or scheduling a private, in house course for your team.
This page has been viewed 1525 times.