Virtual ClassroomLearning Style
5 DaysCourse Duration
About Individual Course:
Digital forensics is the practice of recovering and investigating information found in digital devices. In addition to gaining experience in both a Windows and Linux investigative workstation, this training course provides you with the skills equal to an entry-level forensic examiner to acquire, analyze, and report information — with exposure to advanced topics, such as live system and mobile forensics.
- Perform the essential duties of a forensic examiner
- Prepare for and execute digital forensic investigations on Windows-based systems
- Apply forensic methodologies to preserve, acquire, extract, and analyze information of investigative importance
- Identify and analyze key Windows artifacts of investigative importance
Virtual Instructed-Led Outline
What is Digital Forensics?
Defining digital forensics
- Articulating the importance of Locard's Principle
- Contextualizing digital forensics within incident response
Explaining the role of digital forensics in investigations
- Criminal, civil and intelligence/anti-terrorism investigations
- Applying the scientific method to investigations
Articulating the role of a digital forensic examiner
- Maintaining objectivity within investigations
- Ensuring confidentiality and integrity
Evaluating the Legal Landscape
Exploring legal considerations of digital forensics
- Respecting privacy rights and expectations
- Addressing and reporting illegal information
Defining and applying privacy principles
- Outlining the twelve privacy principles
- Addressing the duty to preserve in eDiscovery
Computing Fundamentals, Memory and Storage
Examining the core operational principles of a computer
- Inspecting hard drive storage and architecture
- Reviewing the operations of computer memory
Identifying multiple locations of digital evidence within a computer system
- Investigating alternate data streams
- Uncovering hidden data with Steganography
Configuring the Forensics Lab and Workstation
Determining lab requirements
- Key components of a digital forensics lab
- Conducting tool validation
Preparing and configuring a forensic workstation
- Demonstrating appropriate use of a hardware write-blocker
- Exploring key features of commercial and open source forensic software (e.g., EnCase, FTK, DD)
- Creating bit-for-bit copies of digital evidence
- Mounting and searching images
Handling and Collecting Evidence
Documenting the physical and digital crime scene
- Conducting crime scene photography
- Executing triage techniques and methodologies
Managing the chain of custody
- Bagging and tagging physical evidence
- Documenting and demonstrating evidence continuity
Analyzing and Investigating Evidence
Identifying key Windows artifacts
- Recovering and searching the Windows registry
- Hibernation files, event logs, prefetch, shellbag and lnk files
- Password hash extraction and cracking
Performing keyword searching, bookmarking and timeline analysis
- Developing strategies for effective keyword searching
- Reconstructing the order of events with timeline analysis
Conducting e-mail, web browser and USB investigations
- Extracting and recovering deleted data from slack space
- Tracking user activity and addressing Trojan Defense
Performing Mobile Forensics
Safely handling mobile devices during investigations
- Examining the use of Faraday bags
- Demonstrating the use of mobile cables and write-blockers
Preserving and acquiring evidence from mobile devices
- Investigating evidence located within the address book, calendar, mail, apps and SMS
- Recovering data from SIM cards
Conducting Live Memory Forensics
Performing live memory acquisitions
- Demonstrating the investigative value of live memory analysis on running systems
- Utilizing open-source tools to capture and extract live memory
Analyzing memory dumps for investigative information
- Determining running processes, active network connections and recent commands
- Identifying hidden processes and Malware
|Learning Style||Virtual Classroom|
|Course Duration||5 Days|
Frequently Asked Questions About Virtual Instructor-Led Courses
I can't connect to my class, what are my options?
The link to the class is available upon logging in to your dashboard. If you are unable to see it, please contact our support team at 1-855-800-8240 and they will be happy to provide you the direct link via email or the dial in number.
I can't make it to attend to class. Can I reschedule?
Yes, you can reschedule your class. Please contact your Sales representative and they will arrange this for you. If you forgot his/her name, feel free to contact our support team at firstname.lastname@example.org or 1-855-800-8240.
Will I get my certificate upon completion?
Yes. Upon completion of the course, it will be available on your course as a Trophy Icon for you to download. If you do not see this, you will need to contact email@example.com with the following details so they can email you the certificate: Class Name, Class Date, Account Rep, and Your Email.
I cannot connect to my lab. Help!
Your Lab is accessible on the bottom part of your course. You will see a button that says "LAB". Just click it to launch the lab. Please note that some classes don’t need/require a LAB. You can verify with our support team by calling them at 1-855-800-8240 or by email at firstname.lastname@example.org. You can also check with your Instructor or the Associate Instructor if your class includes one.
What is my access code for Skillpipe?
A. Not all of the classes have or require Skillpipe. If your class includes one, please check your email as you should have received one from email@example.com. In case you do not find it in your inbox, please check the Spam / Junk folder. For any further assistance, you can call the support at 1-855-800-8240 or contact them via email at firstname.lastname@example.org.
I don't have audio. I can't hear the instructor.
Make sure you are using a compatible headset for your laptop or computer. If you don’t have a headset, you can use the built-in speaker of your laptop. Otherwise, you can use the dial in option by calling the dial in number provided in the class joining email. You may also contact support team for the dial in numbers associated for your training at 1-855-800-8240 or contact them via email at email@example.com.
How can I reach student support?
Support can be reach via phone at 1855-800-8240; via email at firstname.lastname@example.org or via chat support through the chat button on our website. Please note that support office hours will be from 8am-5pm CST Monday to Friday. Any concerns after office hours will be attended the following business day.
Have Questions? Ask Us.
Turn Training Into A Personalized Learning Experience
- Problem Solving through ExpertConnect & Peer-To-Peer Learning
- Find The Quickest Path To Learn With Career Paths
- Access All Courses With Master Subscription
- Manage Your Team With Learning Analytics
- Virtual Classroom Training & Self-Paced Learning
- Integrate With Your LMS Through API's