Course

Credit Type:
Course
ACE ID:
DDCI-0012
Version:
2
Organization's ID:
FT215
Organization:
DC3 Cyber Training Academy
Location:
Classroom-based
Length:
80 hours (10 days)
ACE Credit Recommendation Period:
Credit Recommendation & Competencies
Level Credits (SH) Subject
Upper-Division Baccalaureate 5 Information Technology, Security or Computer Forensics
Description

Objective:

The course objective is to introduce the basic concepts and practices of conducting a forensic examination of digital media with Windows operating systems using Access Data's Forensic Toolkit (FTK) as the primary forensic tool. Students demonstrate how to analyze, recover, and report digital evidence by conducting two full forensic examinations and creating a graded forensic report and examiner notes for each examination. Students then testify and defend their findings in a mock trial.

Learning Outcomes:

  • Explain the hardware and software requirements for a forensic workstation using FTK3 as the primary forensic tool
  • Summarize FTK3-compatible image formats and file systems
  • Classify the three forms of search authority
  • Explain the purpose and elements of a good lab report
  • Explain basic forensic concepts of disk partitioning, data storage, FAT, NTFS, and exFAT file systems, Windows Operating Systems, and the Windows registry
  • Create a high-quality laboratory report to document the results of the forensic examination
  • Explain the purpose and elements of a good lab request
  • Prepare a case in FTK3, then add images to the case and verify their integrity
  • Conduct two basic but thorough forensic examination of submitted images using several analytical tools in FTK3
  • Employ PRTK to crack password protected files and defeat EFS encryption
  • Defend the results of a forensic analysis by testifying as an expert witness in a mock trial

General Topics:

  • Getting started, beginning a new case, forensic analysis basics
  • Forensic analysis with FTK, file level analysis, password recovery toolkit, and reporting
Instruction & Assessment

Instructional Strategies:

  • Audio Visual Materials
  • Case Studies
  • Classroom Exercise
  • Discussion
  • Laboratory
  • Lectures
  • Practical Exercises
Supplemental Materials
Equivalencies

Other offerings from DC3 Cyber Training Academy

View All Courses
College Credit Opportunities