Digital Forensics Foundation Training Course 4 Days
A 4 day practical training course for people who are responsible for digital forensic investigations or are wishing to become a digital forensic investigator.
The course will provide a solid foundation in the understanding of digital forensics principles and techniques. Each subject is covered in depth and supported by practical scenario based exercises to reinforce the learning points.
The candidate will use a range of free and open source forensic tools. This allows the candidate the opportunity to practice what they have learnt on the course without the need to invest in expensive forensic software / hardware. The course has been designed by experienced forensic investigators with many years’ experience ensuring the course content is both relevant and practical.
The course is aimed at people who are responsible for digital forensic investigations or are wishing to become digital forensic investigators, including: IT security professionals and law enforcement officers.
In-House Training :
- In-House Training Only.
- Daily Rate Charge.
- Maximum candidate in the class 5-10 or more please discuss with sales directly .
Introduction to Digital Forensics
- Define Digital Forensics
- Define the Types of Forensic Investigations
- Legal Considerations
- Best Practice Guideline
- The Four Principles of Computer Based evidence
- The Basics of Information Gathering
Identification and seizure of digital equipment
- Evidence Handling and Chain of Custody
- Identifying Electronic Sources of Evidence
- Seizure of Electronic Devices
- Dealing with Live Systems
- Forensic Image
- Forensic Clone
- Forensic Image vs. Forensic Clone
- FTK Imager
- Hash Values
Understanding Digital Data
- Binary Digits
- Storage Devices
- Understanding Electronic Data
Understanding Hard Drive Terminology
- Physical Drives
- Understanding Hard Drive Terminology
- Unified Extensible Firmware Interface (UEFI)
- GUID Partition Table (GPT)
File Systems & Data Storage
- Introduction to File Systems
- Data Storage
- File System Metadata
- Live, Deleted and Unallocated Data
- NTFS Compression and Encryption
- Date and Time Stamps
- File Metadata
Forensic Analysis Techniques
- Analysis Environments
- Case Preparation
- File/ Folder Recovery
- Data Carving
- Data Reduction Methods
- Corroborating Evidence
- Windows Registry
- USB Devices
- Internet History
- Prefetch Files
- Encryption and Passwords
- Disk Wiping
- Malicious Activity
- Cloud Forensics
- Purpose and Layout
- Payment is due upon registration
- Delegates who cancel after registration, or who don’t attend, are liable to pay the full course fee and no refunds can be given
- We reserve the right to postpone or cancel a training course at any time.
- If a training course is cancelled by us, we will inform all registered delegates on the course as soon as possible. Upon the cancellation of a course, we will offer to each delegate a full refund for the cost of the course or alternative dates for the course.
- We will not be held liable for any expenses, either direct or indirect, or for loss of time, earnings or business, incurred as a result of a postponed or cancelled course.