Computer Forensics Training
Commitment | 5 Days, 7-8 hours a day. |
Language | English |
User Ratings | Average User Rating 4.8 |
Price | REQUEST |
Delivery Options | Instructor-Led Onsite, Online, and Classroom Live |
COURSE OVERVIEW
Computer Forensics Training: Take your system-based forensic knowledge onto the wire. Incorporate network evidence into your investigations, provide better findings, and get the job done faster with this course.
Forensic casework that does not include a network component is a rarity in today’s environment. Performing disk forensics will always be a critical and foundational skill for this career, but overlooking the network component of today’s computing architecture is akin to ignoring security camera footage of a crime as it was committed. Whether you handle an intrusion incident, data theft case, or employee misuse scenario, the network often has an unparalleled view of the incident. Its evidence can provide the proof necessary to show intent, or even definitively prove that a crime actually occurred.
Computer crime is here to stay. Computer Forensics Specialists are needed by today’s companies to determine the root cause of a hacker attack, collect evidence legally admissible in court, and protect corporate assets and reputation. The best way to become a forensics expert is to attend a Computer Forensics Training session with a computer forensics training expert.
WHAT'S INCLUDED?
- 5 days of Computer Forensics Training with an expert instructor
- Computer Forensics Training Course Guide
- Certificate of Completion
- 100% Satisfaction Guarantee
RESOURCES
- Computer Forensics Training – https://www.wiley.com/
- Computer Forensics Training – https://www.packtpub.com/
- Computer Forensics – https://store.logicaloperations.com/
- Computer Forensics Training – https://us.artechhouse.com/
- Computer Forensics Training – https://www.amazon.com/
RELATED COURSES
- Cloud Security Fundamentals Training
- Critical Information Infrastructure Protection Training (CIIP)
- CyberSAFE (Securing Assets for End-Users) Training
- CyberSec First Responder: Threat Detection and Response Training
- Cybersecurity Foundations Training
- Cyber Threats Detection and Mitigation Training
- Cyber Threats Hunting (CCTHP) Training
- Cybersecurity Investigations and Network Forensics Analysis
- Cyber Threat Intelligence Analysis Training
ADDITIONAL INFORMATION
COURSE OBJECTIVES
Upon completing this Computer Forensics Training course, learners will be able to meet these objectives:
- Firmly understand the provisions of IT law
- Learn complex technical concepts
- Successfully define evidence-handling procedures
- Functionally design and outline procedures related to incident response strategies
- Comprehend the general rules of evidence
CUSTOMIZE IT
- We can adapt this Computer Forensics Training course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this Computer Forensics Training course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the Computer Forensics course around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Computer Forensics Training course in a manner understandable to lay audiences.
AUDIENCE/TARGET GROUP
The target audience for this Computer Forensics Training course:
- IT professionals involved with information system security, computer forensics, and incident response
CLASS PREREQUISITES
The knowledge and skills that a learner must have before attending this Computer Forensics Training course are:
- N/A
COURSE SYLLABUS
Course Introduction
• Computer Forensics and Investigation as a Profession
• Define computer forensics
• Describe how to prepare for computer investigations and explain the difference between law enforcement agency and corporate investigations
• Explain the importance of maintaining professional conduct
• Digital Evidence – Legal Issues
• Identifying Digital Evidence
• Evidence Admissibility
• Federal Rules of Evidence
• Daubert Standard
• Discovery
• Warrants
• What is Seizure?
• Consent Issues
• Expert Witness
• Roles and responsibilities
• Ethics: (ISC)2, AAFS, ISO
MODULE 2:
Investigations
• Investigative Process
• Chain of Custody
• Incident Response
• E-Discovery
• Criminal v. Civil v. Administrative Investigations
• Intellectual Property
• Reporting
• Quality Control
• — Lab and Tool
• — Investigator
• — Examination
• — Standards
• Evidence Management
• — SOPs
• — Collection
• — Documentation
• — Preservation
• — Transport / Tracking
• — Storage / Access Control
• — Disposition
• Current Computer Forensics Tools and Hardware
• Commercial
• Free / Open Source
MODULE 3:
DIGITAL FORENSICS
• Forensic Science Fundamentals
• Principles and Methods
• — Locard’s Principle, Inman-Rudin Paradigm, Scientific Method, Peer Review
• Forensic Analysis Process
• Hardware
• Storage Media
• — Hard Disk Geometry, Solid State Drives, RAID
• Operating System
• — Boot Process, BIOS/CMOS, The Swap File
• File Systems
• — NTFS File System, FAT File System, HFS+, Ext2/3/4, Embedded
• Erased vs. Deleted
• Live Forensics
MODULE 4:
ANALYZING DATA
• Hardware Forensics
• Keyword Searching
• Metadata
• Time Line Analysis
• Hash Analysis
• File Signatures
• — File Filtering (KFF)
• Volume Shadow Copies
• Time Zone Issues
• Link Files
• Print Spool
• Deleted Files
• — Recycle Bin Forensics
• File Slack
• Damaged Media
• — Physical Damage
• — Logical Damage
• — File Carving
• Registry Forensics
• — USB Devices
• — HKLM
• Multimedia Files
• — EXIF Data
• Compound Files
• — Compression
• — OLE
• — ADS
• Passwords
• Web Application Forensics
• Common Web Attack Vectors
• — SQL Injection
• — Cross-Site Scripting
• — Cookies
• Browser Artifacts
• Email Investigators
• — Email Headers
• — Email Files
• Messaging Forensics
• Database Forensics
• Software Forensics
• — Traces and Application Debris
• — Software Analysis (Hashes, Code Comparison Techniques, etc.)
• Malware Analysis
• — Malware Types and Behavior
• — Static vs. Dynamic Analysis
MODULE 5:
NETWORK FORENSICS
• TCP/IP
• — IP Addressing
• — Proxies
• — Ports and services
• Types of Attacks
• Wired vs. Wireless
• Network Devices Forensics
• — Routers
• — Firewalls
• — Examining Logs
• Packet Analysis
• OS Utilities
• — Netstat
• — Net sessions
• — Openfiles
• Network Monitoring Tools
• — Snort
• — Wireshark
• — NetworkMiner
MODULE 6:
Anti-Forensics
• Hiding
• — Encryption (Symmetric, Asymmetric, TrueCrypt Hidden Partitions)
• — Steganography
• — Packing
• — Hidden Devices (NAS)
• — Tunneling / Onion Routing
• Destruction
• — Wiping/Overwriting
• — Corruption / Degaussing
• Spoofing
• — Address Spoofing
• — Data Spoofing (Timestamping)
• Log Tampering
• Live Operating Systems
MODULE 7:
Mobile Devices
• Types of Devices
• — GPS
• — Cell Phones
• — Tablets
• Vendor and Carrier Identification
• — Obtaining Information from Cellular Provider
• GSM vs. CDMA
• SIM Cards
• Common Tools
• Methodology
• Advanced Mobile Forensics (JTAG, chip-off)
MODULE 8:
New and Emerging Technology
• Legal Issues (Privacy, Obtaining Warrants)
• Social Networks Forensics
• — Types of Social Networks
• — Types of Evidence
• — Collecting Data
• Virtualization
• — Virtualization Forensics
• — Use of Virtualization in Forensics
• Cloud Forensics
• — Types of Cloud Services
• — Challenges of Cloud Forensics
• Big Data
• Control Systems and IoT
DAY 5: WRAP-UP
- The morning session is spent finishing up any loose ends, dealing with exam prep issues, and review.