Digital and Computer Forensics & Investigations Training
INTRODUCTION
Computer and Mobile Forensics teaches you how to identify, preserve, extract, analyze and report forensic evidence on computers and mobile devices. You will learn about the challenges of computer and mobile forensics, walk through the process of analysis and examination of operating systems and mobile devices, and gain a deep understanding of differences in evidence locations and examination techniques on Windows and Linux computers and Android, iOS and Windows phones.

The course provides trainees with a practical understanding of the methodologies, tools and techniques used in computer forensics and investigation in a digital environment. The course content covers acquisition, collection, seizure, preservation and handling of evidence, its interpretation, and the final reporting and presentation of findings.
COURSE OBJECTIVES
After completing this course, you will be able to:
- Understand the fundamentals of digital forensics and explain the need for mobile device forensics
- Understand the threats associated with mobile devices
- Classify evidence types on mobile devices and evidence acquisition types
- Explain different mobile hardware architectures
- Develop a mobile forensics investigation process
- Use various forensic tools for investigation
- Investigate mobile security breaches and identify the criminal
- Restore data and generate reports for future threat/attack analysis
- Gather volatile and non-volatile data from Windows and recover deleted files from Windows, Mac OS X, and Linux; investigate password-protected files using password cracking concepts and tools
- Understand the roles of the first responder and the first responder toolkit: securing and assessing the electronic crime scene, conducting preliminary interviews, documenting the electronic crime scene, collecting and preserving electronic evidence, packaging and transporting evidence from the electronic crime scene, and reporting on the electronic crime scene
- Set up the computer forensics lab and create investigation reports
- Understand steganography, steganalysis and image forensics
- Understand the kinds of log capturing and log management, and the investigation of logs, network traffic, wireless attacks, and web attacks
DURATION
10 Days
WHO SHOULD ATTEND
This training course is suitable for a wide range of professionals but will greatly benefit:
Information Security Professionals, Cyber Security Officers, Security Officers, Computer Forensic Analysts, Forensic and Network Investigators, Law Enforcement Officials, Ethical Hacking Experts, Digital Forensics Investigators, Risk Assessment Professionals, Mobile Developers, and anyone who deals with implementation, testing, or security hardening of mobile devices.
COURSE CONTENT
Module 1
- Course introduction
- Computer forensics and investigation as a profession
- Define computer forensics
- Describe how to prepare for computer investigations and explain the difference between law enforcement agency and corporate investigations
- Explain the importance of maintaining professional conduct
- Digital evidence — legal issues
- Identifying digital evidence
- Evidence admissibility
- Rules of evidence
- What is seizure?
- Consent issues
- Expert witness
- Roles and responsibilities
- Ethics
- Investigations
- Investigative process
- Incident response
- E-discovery
- Criminal vs. civil vs. administrative investigations
- Intellectual property
- Reporting
- Quality control
- Evidence management
- Current computer forensics tools and hardware
Module 2
- Forensic science fundamentals
- Principles and methods
- Forensic analysis process
- Hardware
- Storage media
- Operating system
- File systems
- Erased vs. deleted
- Live forensics
Module 3
- File and operating system forensics
- Keyword searching
- Metadata
- Timeline analysis
- Hash analysis
- File signatures
- Volume Shadow Copies
- Time zone issues
- Link files
- Print spool
- Deleted files
- File slack
- Damaged media
- Registry forensics
- Multimedia files
- Compound files
- Web and application forensics
- Common web attack vectors
- Browser artifacts
- Email investigations
- Messaging forensics
- Database forensics
- Software forensics
- Malware analysis
Module 4
- Network forensics
- TCP/IP
- Types of attacks
- Wired vs. wireless
- Network devices forensics
- Packet analysis
- OS utilities
- Network monitoring tools
- Anti-forensics
- Hiding
- Steganography
- Packing
- Hidden devices (NAS)
- Tunneling/Onion routing
- Destruction
- Spoofing
- Log tampering
- Live operating systems
Module 5
- New & emerging technology
- Legal issues (privacy, obtaining warrants)
- Social networks forensics
- Types of social networks
- Types of evidence
- Collecting data
- Virtualization
- Virtualization forensics
- Use of virtualization in forensics
- Cloud forensics
- Types of cloud services
- Challenges of cloud forensics
- Big data
- Control systems and IoT
- Mobile forensics introduction
- Types of devices
- GPS
- Cell phones
- Tablets
- Vendor and carrier identification
- Obtaining information from cellular provider
- GSM vs. CDMA
- Common tools and methodology
Module 6
- Mobile forensics process
- Mobile forensics challenges
- Types of evidence found on mobile devices
- Collecting mobile devices at the scene
- Comparison of mobile operating systems
- Data acquisition methods
- Reporting findings
- Android forensics
- Android platform
- Android security model
- Bypassing Android security features
- Android logical data acquisition and analysis
- Android physical data acquisition
Module 7
- iOS forensics
- Apple iOS platform
- iOS security
- Bypassing iOS security features
- iOS data acquisition and analysis
- iPhone/iCloud backups
- iOS data recovery techniques
- Windows phones
- Windows Phone OS: partitions and filesystems
- Windows Phone security features
- Windows Phone logical acquisition and analysis
- Windows 10 mobile OS forensics
- Feature phone forensics
- Acquiring and examining data from feature phones
NB: This is a fully practical, hands-on training. Participants are required to have laptops.