Digital Forensics

This is NOT an EC Council CHFI course although it does prepare you for their test.

If the student actually is up to speed on the technology and can not only provide an accurate forensics discovery but also provide a proper report at its conclusion.

Our test will use a certification body that will send you out 3 pieces of digital information.

One of the pieces you will be required to acquire, authenticate (hash) do all the necessary paperwork just like it is a real Forensics Case, the rest will arrive as pre-acquired Encase images.

Our test will consist of a CD-ROM you must acquire, a Encase hard drive image, and a Thumb drive all supposedly pertaining to the same case and you will receive all items 1 week apart, by either a drop box link or by us Mail depending on where you are in the world.

Why Attend this Course

In Layman’s Terms:
Looking at the information on a computer or digital device to determine what a person was doing in the “electronic world”

Course Objectives:
In this course, you will learn the skills necessary to conduct a basic digital evidence acquisition and analysis:

You will:

  • Become aware of the various types of “Digital Incidents”
  • Learn how to respond to a “Digital Incident”
  • Conduct basic acquisitions and authentication of digital evidence
  • Use forensic software to conduct a controlled analysis of digital evidence
  • Record your findings in a digital examination log file
  • Present your findings

It is assumed that you have come to this course with the requisite skills as an experienced personal computer user…

And that you have been using personal computers on a daily basis in the conduct of your duties as a law enforcement or corporate security investigator…

You have a need to know how to find or preserve evidence of a criminal or civil nature that will ultimately be used to prosecute an individual in a court of law.

 

Course Outline

  1. Introduction
  2. Computer Forensic Incidents
  3. Investigation Process
  4. OS Disk Storage Concepts
  5. Digital Acquisition and Analysis
  6. Forensic Examination Protocols
  7. Digital Evidence Protocols
  8. CFI Theory
  9. Digital Evidence Presentation
  10. Computer Forensics Lab Protocols
  11. CF Processing Techniques
  12. Digital Forensics Reporting
  13. Specialized Artifact Recovery
  14. eDiscovery and ESI
  15. Cell Phone Forensics
  16. USB Forensics
  17. Incident Handling
  18. PDA Forensics
  19. Investigating Harassment

Audience

IT Professionals, First Responders to a Forensic Incident, Managers needing to know the proper procedures to preserve the proper chain of custody as well as search for information in a forensically sound manner.

Certifications and Exams
Exam 312-49 CHFI