Windows Forensic Analysis Training Bootcamp Course with Hands-on labs
Windows Forensic Analysis Training Bootcamp Course focuses on building in-depth digital forensics knowledge of the Microsoft Windows operating systems. You can’t protect what you don’t know about, and understanding forensic capabilities and artifacts is a core component of information security. Learn to recover, analyze, and authenticate forensic data on Windows systems.
Understand how to track detailed user activity on your network and how to organize findings for use in incident response, internal investigations, and civil/criminal litigation. Use your new skills for validating security tools, enhancing vulnerability assessments, identifying insider threats, tracking hackers, and improving security policies. Whether you know it or not, Windows is silently recording an unimaginable amount of data about you and your users. Windows Forensic Analysis Training Bootcamp Course teaches you how to mine this mountain of data.
Windows Forensic Analysis Training Bootcamp Course – Objectives:
Upon completing this Windows Forensic Analysis Training Bootcamp course, learners will be able to meet these objectives:
• Perform proper Windows forensic analysis by applying key techniques focusing on Windows 7/8/10
• Use full-scale forensic tools and analysis methods to detail nearly every action a suspect accomplished on a Windows system, including who placed an artifact on the system and how, program execution, file/folder opening, geo-location, browser history, profile USB device usage, and more
• Uncover the exact time that a specific user last executed a program through Registry and Windows artifact analysis, and understand how this information can be used to prove intent in cases such as intellectual property theft, hacker-breached systems, and traditional crimes
• Determine the number of times files have been opened by a suspect through browser forensics, shortcut file analysis (LNK), e-mail analysis, and Windows Registry parsing
• Identify keywords searched by a specific user on a Windows system to pinpoint the data and information that the suspect was interested in finding and accomplish detailed damage assessments
• Use Windows Shellbag analysis tools to articulate every folder and directory that a user opened up while browsing local, removable, and network drives
• Determine each time a unique and specific USB device was attached to the Windows system, the files and folders that were accessed on it, and who plugged it in by parsing Windows artifacts such as the Registry and log files
• Learn event log analysis techniques and use them to determine when and how users logged into a Windows system, whether via a remote session, at the keyboard, or simply by unlocking a screensaver
• Determine where a crime was committed using Registry data to pinpoint the geo-location of a system by examining connected networks and wireless access points
• Use browser forensic tools to perform detailed Web browser analysis, parse raw SQLite and ESE databases, and leverage session recovery artifacts and flash cookies to identify the Web activity of suspects, even if privacy cleaners and in-private browsing are used
Registration closes for all classes 2 weeks prior to the start date.
For Government/Corporate purchases, please complete and submit this form.