Course

Objective:

Learning Outcomes:

• Have a basic understanding of the computer forensic investigation process and the potential legal issues involved
• Roles of first responder, first responder toolkit, securing and evaluating electronic crime scene, conducting preliminary interviews, documenting electronic crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence, and reporting the crime scene
• Data acquisition and duplication rules, validation methods and tools required
• The process involved in forensic investigation using Access Data FTK and EnCase
• Password Cracking Concepts, tools, types of password attacks and how to investigate password protected files
• Importance of the investigation of logs, network traffic, wireless attacks, and web attacks
• Importance of the tracking of e-mails and investigate e-mail crimes
• Mobile forensics and mobile forensics software and hardware tools
• Importance of the writing investigative reports
• Evidence searching, seizing and acquisition methodologies in a legal and forensically sound manner
• Different types of digital evidence, rules of evidence, digital evidence examination process, and electronic crime and digital evidence consideration by crime category
• Various file systems and how to boot a disk
• Gathering volatile and nonvolatile information from Windows
• How to recover deleted files and deleted partitions in Windows, Mac OS X, and Linux
• Steganography and its techniques, steganalysis, and image file forensics
• Different types of log capturing, log management, time synchronization and log capturing tools

General Topics: