Digital forensics is a course that thoroughly goes through every step of the digital forensics process. It starts with the introduction to different types of digital crime, a general classification of digital forensics and first responder procedures. A part of the course focuses on fast identification, both of digital devices and potentially relevant evidence on digital media. There are three levels of this course: basic, intermediate and advanced. All levels include different hands-on exercises.
Basic Course
Basic training provides participants with knowledge of computer architecture, hardware devices and interfaces, storage media organization, file systems, Microsoft Windows operating system artefacts, and forensic methodology. Recognizing digital evidence and handling it accordingly will be taught, as well as performing a basic review of the evidence in the field, obtaining forensic image file and becoming comfortable in handling digital evidence using various forensics hardware such as write-blockers and forensic workstations.
Prerequisites
Basic computer skills.
Intermediate Course
This course is designed to provide a detailed study of the Windows operating system through a variety of lectures, instructor-led and independent hands-on practical exercises. The course focuses on how the Windows operating system works, with the primary focus on the most current version. At the conclusion of the course, participants will have a clearer understanding of various operating system artefacts and how knowledge of these artefacts can play a significant role in the forensic and investigative process.
Prerequisites
To obtain the maximum benefits from this class, participants should have basic knowledge of digital forensics procedures and be comfortable and conversant with Windows operating system and with the file system in general.
Advanced Course
The advanced course introduces participants to advanced and more complex usage of digital forensics in real situations. The course includes different areas as live system forensics, acquisition of remote system, encryption, basics of Linux and Mac operating systems forensics, and network forensics basics and applications analysis with emphasis on web browsers, e-mail, and social networks. It includes the usage of different commercial and open-source tools, their relative advantages and disadvantages. The goal of education is to adopt more complex techniques and methods of digital forensics and implement them during analysis.
Prerequisites
To obtain the maximum from this course, participants should have basic knowledge of Windows, Mac and Linux operating system, be familiar with the network structure and data flow.
