Call : (+91) 968636 4243
Mail : info@EncartaLabs.com
EncartaLabs

Digital Forensics

( Duration: 5 Days )

The Digital Forensics training course provides a strong foundational introduction to Digital Forensics on Microsoft Windows-based systems. You work in both a Windows and Linux environment for your investigative workstations and are exposed to theory and practical skills for an entry-level forensic examiner (acquisition, analysis and reporting), with exposure to advanced topics (live system and mobile forensics).

By attending Digital Forensics workshop, delegates will learn to:

  • Perform the essential duties of a Forensic Examiner
  • Prepare for and execute digital forensic investigations on Windows-based systems
  • Apply forensic methodologies to preserve, acquire, extract and analyze information of investigative importance
  • Identify and analyze key Windows artifacts of investigative importance

COURSE AGENDA

1

Defining digital forensics

  • Articulating the importance of Locard's Principle
  • Contextualizing digital forensics within incident response
2

Explaining the role of digital forensics in investigations

  • Criminal, civil and intelligence/anti-terrorism investigations
  • Applying the scientific method to investigations
3

Articulating the role of a digital forensic examiner

  • Maintaining objectivity within investigations
  • Ensuring confidentiality and integrity
4

Exploring legal considerations of digital forensics

  • Respecting privacy rights and expectations
  • Addressing and reporting illegal information
5

Defining and applying privacy principles

  • Outlining the twelve privacy principles
  • Addressing the duty to preserve in eDiscovery
6

Examining the core operational principles of a computer

  • Inspecting hard drive storage and architecture
  • Reviewing the operations of computer memory
7

Identifying multiple locations of digital evidence within a computer system

  • Investigating alternate data streams
  • Uncovering hidden data with Steganography
8

Determining lab requirements

  • Key components of a digital forensics lab
  • Conducting tool validation
9

Preparing and configuring a forensic workstation

  • Demonstrating appropriate use of a hardware write-blocker
  • Exploring key features of commercial and open source forensic software (e.g., EnCase, FTK, DD)
10

Image acquisition

  • Creating bit-for-bit copies of digital evidence
  • Mounting and searching images
11

Documenting the physical and digital crime scene

  • Conducting crime scene photography
  • Executing triage techniques and methodologies
12

Managing the chain of custody

  • Bagging and tagging physical evidence
  • Documenting and demonstrating evidence continuity
13

Identifying key Windows artifacts

  • Recovering and searching the Windows registry
  • Hibernation files, event logs, prefetch, shellbag and lnk files
  • Password hash extraction and cracking
14

Performing keyword searching, bookmarking and timeline analysis

  • Developing strategies for effective keyword searching
  • Reconstructing the order of events with timeline analysis
15

Conducting e-mail, web browser and USB investigations

  • Extracting and recovering deleted data from slack space
  • Tracking user activity and addressing Trojan Defense
  • Performing Mobile Forensics
16

Safely handling mobile devices during investigations

  • Examining the use of Faraday bags
  • Demonstrating the use of mobile cables and write-blockers
17

Preserving and acquiring evidence from mobile devices

  • Investigating evidence located within the address book, calendar, mail, apps and SMS
  • Recovering data from SIM cards
18

Performing live memory acquisitions

  • Demonstrating the investigative value of live memory analysis on running systems
  • Utilizing open-source tools to capture and extract live memory
19

Analyzing memory dumps for investigative information

  • Determining running processes, active network connections and recent commands
  • Identifying hidden processes and Malware

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 6,000 various courses on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting https://www.encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.

Top
Notice
X