Introduction to Digital Forensics Training
Commitment | 5 Days, 7-8 hours a day. |
Language | English |
User Ratings | Average User Rating 4.8 See what learners said |
Price | REQUEST |
Delivery Options | Instructor-Led Onsite, Online, and Classroom Live |
COURSE OVERVIEW
This introductory course on Digital Forensics addresses technical IT staff who mostly work as administrators and auditors without routine duties related to forensic analysis. The Introduction to Digital Forensics Training course is also open to forensics trainers such as lecturers and tutors whose duties include forensics training. Experienced digital forensic staff may benefit from a more advanced course. The Introduction to Digital Forensics Training course covers the broad topics essential to the digital forensics disciplines. It sets out a framework for investigations, covering the best practice as described by The National Police Chiefs’ Council (NPCC) formally ACPO guidelines. Forensic fundamentals will be covered as well as the use of open-source forensic tools. The data will be then analyzed and an example report produced.
Participants in this Introduction to Digital Forensics Training course learn about the methods to identify, preserve, analyze, and report on digital artifacts. Using a mixed approach of fundamentals and open-source software, delegates will be able to select suitable tools and report on their findings in an evidential way.
WHAT'S INCLUDED?
- 5 days of Introduction to Digital Forensics Training with an expert instructor
- Introduction to Digital Forensics Course Guide
- Certificate of Completion
- 100% Satisfaction Guarantee
RESOURCES
- Introduction to Digital Forensics Training – https://www.wiley.com/
- Introduction to Digital Forensics Training – https://www.packtpub.com/
- Introduction to Digital Forensics – https://store.logicaloperations.com/
- Introduction to Digital Forensics – https://us.artechhouse.com/
- Introduction to Digital Forensics Training – https://www.amazon.com/
RELATED COURSES
- 5G Wireless Security Training
- Cloud Security Fundamentals Training
- Fundamentals of Information Systems Security Training
- Certified Ethical Hacking (CEH) Training v12
- CompTIA Security+ Certification Training (SY0-601)
- ICS/SCADA Security Essentials Training
- Intrusion Prevention Training
- Cybersecurity Foundations Training
- Cyber Threats Detection and Mitigation Training
- Cyber Threats Hunting (CCTHP) Training
- Cyber Threat Intelligence Analysis Training
- Cybersecurity Investigations and Network Forensics Analysis
ADDITIONAL INFORMATION
COURSE OBJECTIVES
Upon completing this Introduction to Digital Forensics Training course, learners will be able to meet these objectives:
- The purpose, benefits, and key terms of digital forensics.
- Describe and adhere to the principles of the forensic framework
- Understand the importance of the chain of custody
- Demonstrate basic knowledge of key locations in different operating systems
- Identify how different file systems represent files and how they deal with deletion etc.
- Understand where timestamps and other metadata come from
- Have knowledge of the legal framework in which they operate, and the expected level of ethical behavior expected.
- Reporting and 5x5x5 procedures.
CUSTOMIZE IT
- We can adapt this Introduction to Digital Forensics Training course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this Introduction to Digital Forensics Training course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the Introduction to Digital Forensics Training around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the training course in a manner understandable to lay audiences.
AUDIENCE/TARGET GROUP
The target audience for this Introduction to digital forensic training course:
- The Introduction to digital forensic Training course audience includes all teams across the IT, Security, Internal Audit, Law Enforcement, and Government.
CLASS PREREQUISITES
The knowledge and skills that a learner must have before attending this Introduction to digital forensic training course are:
- Common Security and Network terminology
- TCP/IP addressing, routing, and internetworking concepts
COURSE SYLLABUS
Module 1: Intro to Digital forensic
- Describe what digital forensics is
- Identify which crimes use computers, cyber crime/ cyber-enabled crime
- What skills should a computer forensic expert have?
- Introduce the forensic framework,
- Collection
- Examination
- Analysis
- Reporting
- Extended Framework: Collection authority and legislation for digital evidence
Module 2: Introduction to Digital Forensics Training – Forensic fundamentals
- What is data and how is it represented in a computer?
- Create a .txt and examine it in a hex editor
- Discuss number systems Binary and Hex
- Look at different files, and compare a word document with the same text as the .txt file from a)
- What is a digital device and how do we collect its data?
- Memory capture -brief at this stage
- Look at Hard drives
- What does a hard drive look like? (inc flash)
- History CHS and LBA addressing
- Use of encryption on equipment and how that affects the investigation
Module 3: Framework: Collection
- Crime scene management
- Recording the scene and documenting your actions
- To switch off or not: discuss the issue and create a first responders flow chart
- Safe removal of hard drives
- Other media, ‘pen’ drives, optical media and other removable
- Cloud-based data
- Mobile in brief on the air wiping
Module 4: Examination 1: Data acquisition and preserving evidence for court
- Write blocking and disk imaging
- Alternative methods of disk imaging
- Principles of hashing
Module 5: Introduction to Digital Forensics Training – Examination 2: File system Analysis
- Demonstrate tools to mount the image
- Describe how to identify and examine the file system
- Look how different file systems represent data on disk
- Overview of FAT and NTFS
- Look at the way deleted files are handled
- Describe how to identify Operating systems
- Look at default locations for user data
- Overview of the windows registry and useful locations for data
Module 6: Analysis
- Levels of persistence and what it means evidently e.g ‘live’; ‘deleted’, ‘over-written’
- Timelines
- Putting the suspect ‘in front of the keyboard’
Module 7: Reporting forensic findings and digital intelligence
- Understanding the scope of the investigation
- Tone and style back up the substance
- An understanding of ‘true’ and how information can be presented in a neutral way
- Overview of digital intelligence including open source
Module 8: Legal framework
- Identify what authority the investigation is being performed
Understand the bounds of the investigation as defined in the scope
Module 9: Mobile Forensics: Introduction
- Handling of mobile devices to preserve data
- Physical and logical analysis of mobile devices
Module 10: E-discovery: introduction
What is E-discovery?
Review of E-discovery tools and techniques.