Computer Forensics Training - Advanced Digital Forensic Techniques by SecureIA
Untitled Document
The dramatic increase in computer-related crime requires corporate security personnel and law enforcement agents to understand how to legally obtain electronic evidence stored in computers.
Electronic records such as computer network logs, e-mails, word processing files, and “.jpg” picture files increasingly provide the government and corporations with important (and sometimes essential) evidence in criminal and civil cases.
One of the purposes of this course is to provide law enforcement agents and corporate security personnel with systematic guidance that can help them understand some of the issues that arise when they seek electronic evidence in criminal and civil investigations.
Our reputation speaks for itself! See what others are saying... Testimonials
Package Includes:
5 CD-ROMs featuring live instructor-led classroom sessions with full audio, video and demonstration components
Printable courseware
Exclusive LearningZone Live Mentor
Click
for Details
Help Whenever you need it! Exclusive LearningZone - Chat Live
with our Certified Instructors anytime around the clock (7x24)
Focused on practical solutions to real-world development problems
Free 1 Year Upgrade Policy
Certificate of Completion
Kenneth Mayer - Certified CEH Trainer (CCSI, MCT, CCNP, CCDA)
Ken Mayer is a Microsoft Certified Trainer as well as a Certified Ethical Hacker Trainer and Security consultant. He started his career in computer technology in 1980s. He has offered a wide variety of IT training and high level consulting projects for Fortune 500 companies across the United States and Western Europe. He has achieved the Certified Cisco Systems Instructor certification. The CCSI certification involved a two-day lab and observation event held on Cisco in Paris, France Facility. This gave Ken the accreditation to be able to deliver Cisco Authorized Courses as a CCSI. He has taught the full line of Cisco CCNA, CCDA, CCNP, CCDP and CCIP course curriculums, including Cisco's security appliances such as PIX and IDS.
Course Features:
Main Menu
Move through hours of in-depth content - quickly and easily due to the efficient and organized structure.
PowerPoint
Utilizing PowerPoint presentations enhances the delivery by displaying a variety of visual information to the user. This type of representation allows the user to better interpret the material through charts, definitions, graphs, and more...
Exclusive Learning Zone
Train around the clock, around the world. Our certified online instructors are located at global support centers in the U.S., U.K., Australia, and Singapore to provide real-time answers to technology- and soft-skill-related questions 24x7. This means access to a live subject matter expert no matter where you are - day or night. This level of student/instructor interaction provides real-time training specific support and extends training beyond content and instructor-led solutions by providing flexibility to accommodate individual needs and schedules.
Controls
Move forward, back, and repeat entire topics or just a section. A progress bar illuminates as you advance through exercises.
Full Motion Video
All courses feature full-motion videos of instructors teaching the information as if they are speaking directly to you. Our unique delivery simulates a one-on-one classroom environment creating a more personal lesson and learning experience.
Study Guides
Printable study guides for the entire course are available. This allows all material to be viewed, reviewed, and printed for viewing at a later date.
Review Exercises
Each section has a review quiz to aid in the learning process by validating the comprehension of the material covered before moving on to a new section.
Resume
All courses are resumed to where you left off last session allowing you to learn when it is convenient for you without the hassle of remembering where you where.
Live Demonstrations
Demonstrations are a way for the instructor to show and tell the user how to perform
a task by actually doing it on screen in front of them. In this format it gives the user the power to see things done by a professional in the intended environment as many times as they would like.
Certificate of Completion Career Academy is recognized worldwide for its technology-based IT training curriculums. Upon successful completion of our program, you will be receiving a Career Academy Distance Education Certificate of Completion.
Module 1 - Computer Forensic Investigative Theory
History of Digital Forensics
Digital Evidence
Three Main Aspects to Digital Evidence Reconstruction
“Attack” Guidelines for the Recovery of Digital Data
Classification
Reconstruction
Demo - TimeStomping
Behavioral evidence analysis (BEA)
Equivocal forensic analysis (EFA)
Victimology
Demo - Following the Clues from an Email Header
Important Questions Regarding the Victim's Cybertrail
Module 1 Review
Goal of Digital Evidence Processing
Demo - Logical Review with FTK
Duplication
Documenting and Identifying
Disassembling the Device
Disconnecting the Device
Document the Boot Sequence
Removing and Attaching the Storage Device to Duplicated System
Circumstances Preventing the Removal of Storage Devices
Write Protection via Hardware/Software
Geometry of a Storage Device
Host Protected Area (HPA)
Tools for Duplicating Evidence to Examiner's Storage Device
EnCase for Windows Acquisition Tool
Demo - Hashing and Duplicating a Drive
Preparing Duplication for Evidence Examination
Recording the Logical Drive Structure
Using “Sandra” and “WinHex”
File Allocation Tables
Logical Processes
Known Files
Reference Lists
Verify that File Headers Match Extensions
Demo - Introduction to FTK
“Regular Expressions”
Demo - Using Regular Expressions
File Signatures
Demo - Hex Workshop Analysis of Graphic Files
Module 3 Review
Module 4 - Crypto and Password Recovery
Background
Demo - Stegonography
History
Concepts 1
Demo - Cracking a Windows Hashed Password
Concepts 2
File Protection
Options 1
Demo - Recovering Passwords from a Zip File
Options 2
Rainbow Tables
Demo - Brute Force/Dictionary Cracks with Lophtcrack
Demo - Password Cracking with Rainbow Tables
Module 4 Review
Module 5 - Specialized Artifact Recovery
Overview
Exam Preparation Stage
Windows File Date/Time Stamps
File Signatures
Image File Databases
Demo - Thumbs.DB
The Windows OS
Windows Operating Environment
Windows Registry
Windows Registry Hives 1
Demo - Registry Overview
Windows Registry Hives 2
Windows 98 Registry
Windows NT/2000/XP Registry
Windows Registry ID Numbers
Windows Alternate Data Streams
Demo - Alternate Data Streams
Windows Unique ID Numbers
Other ID’s
Historical Files 1
Demo - Real Index.dat
Historical Files 2
Demo - Review of Event Viewer
Historical Files 3
Demo - Historical Entries in the Registry
Historical Files 4
Windows Recycle Bin
Demo - INFO Files
Outlook E-Mail
Outlook 2k/Workgroup E-Mail
Outlook Express 4/5/6
Web E-Mail
Module 5 Review
