Advanced Computer Forensics Training

Advanced Computer Forensics Training

Course Delivery

This Course is available in the following format:

Request this course in a different delivery format

GSA Schedule 70 Saving for Government Customers

Course Overview:

Advanced Computer Forensics Training Course Hands-on

Accelerated and taught in five (5) days, this in-depth Advanced Computer Forensics Training course teaches you advanced computer forensics concepts. This Advanced Computer Forensics Training course is intended for those that have either taken the ENO;s Computer Forensics Boot Camp, or have experience in the computer forensic profession.

Related Courses

CISA Training | Certified Information Systems Auditor Training
CISM Training | Certified Information Security Manager Training
CISSP Training | Certified Information Systems Security Professional Training
CompTIA Cybersecurity Analyst+ Training | CSA+ Certification Training
CompTIA Security+ Certification Training
Computer Forensics Training
CyberSec First Responder: Threat Detection and Response Training
Cyber Threats Detection and Mitigation Training
Cybersecurity Investigations and Network Forensics Analysis
Ethical Hacking Training | CEH Certification Training
Fundamentals of Information Security Training
Hacker Tools, Techniques, Exploits, and Incident Handling Training
Network Penetration Testing and Ethical Hacking Training
Reverse Engineering Malware Training
Industrial Control Systems – ICS/SCADA Security Essentials Training
Systems Forensics, Investigation, and Response Training

Customize It:

• If you are familiar with some aspects of this Advanced Computer Forensics Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Advanced Computer Forensics Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Advanced Computer Forensics Training course in manner understandable to lay audiences.

Audience / Target Group:

The target audience for this Advanced Computer Forensics Training course:

• IT professionals involved with information system security, computer forensics, and incident response

What You Will Learn:

Upon completing this Advanced Computer Forensics Training course, learners will be able to meet these objectives:

• Apply advanced computer forensic analysis concepts to live case work
• Respond appropriately to immediate response situations
• Perform Volume Shadow Copy (VSC) analysis
• Advanced level file and data structure analysis for XP, Windows 7 and Server 2008/2012 systems
• Registry analysis for XP and Windows 7/8 systems
• Malware detection and analysis
• Timeline Analysis
• Windows Application Analysis
• Mobile Forensics

Advanced Computer Forensics Training – Course Syllabus:


Module 1: Advanced Analysis Concepts

• Avoiding Speculation
• Direct and Indirect Artifacts
• Least Frequency of Occurrence
• Documentation
• Convergence
• Virtualization

Module 2: Immediate Response

• Prepared to Respond
• Questions
• The Importance of Preparation
• Logs
• Data Collection


Module 3: VSC Analysis

• Registry Keys
• Live Systems
• Pro Discover
• F-Response
• Acquired lmages
• VHD Method
• VMware Method
• Automating VSC Access
• Pro Discover

Module 4: File Analysis

• File System Tunneling
• Event Logs
• Windows Event Log
• Recycle Bin
• Prefetch Files
• Scheduled Tasks
• Skype
• Apple Products
• Image Files


Module 5: Registry Analysis

• USB Device Analysis
• System Hive
• Software Hive
• Application Analysis
• NetworkLst
• NetworkCards
• Shell bags
• MUICache
• UserAssst

Module 6: Malware

• Introduction and Overview
• Malware Characteristics
• Initial Infection Vector
• Propagation Mechanism
• Persistence Mechanism
• Artifacts
• Detecting Malware
• Log Analysis


Module 7: Timeline Analysis

• Data Sources
• Time
• User
• TLN Format
• File System Meta data
• Event Logs
• Windows

Module 8: Application Analysis

• Log Files
• Dynamic Analysis
• Network Captures
• Application Memory Analysis


Module 9: Mobile Forensics

• Keyboard caches containing usernames, passwords, search terms, and historical fragments of typed communication.
• Screenshots preserved from the last state of an application
• Deleted images from the suspect’s photo library, camera roll, and browsing cache.
• Deleted address book entries, contacts, calendar events, and other personal data.
• Exhaustive call history
• Map tile images from the iPhone’s Google Maps application,
• Lookups and longitude/latitude coordinates of previous map searches, and coordinates of the last GPS fix.
• Browser cache and deleted browser objects
• Cached and deleted email messages
• SMS messages
• Deleted voicemail recordings

Whether you are looking for general information or have a specific question, we want to help!

Request More Information

Print Friendly, PDF & Email