Course Description
Computer crimes call for forensics specialists, people who know how to find and follow the evidence. This course examines the fundamentals of system forensics, such as what forensics is, the role of computer forensics specialists, computer forensic evidence, and application of forensic analysis skills. In this course, you will learn about computer crimes, forensic methods,and laboratories and addresses the tools, techniques,and methods used to perform computer forensics and investigation. Finally, it explores emerging technologies as well as future directions of this interesting and cutting-edge field.
In addition to premium instructional content from Jones & Bartlett Learning's comprehensive Information Systems Security and Assurance (ISSA) curriculum, this course provides access to a customized "virtual sandbox" learning environment that aggregates an unparalleled spectrum of cybersecurity applications. Providing instant, unscheduled access to labs from the convenience of a web-browser, this course allows you to practice "white hat" hacking on a real IT infrastructure-these are not simulations. Winner of the "Security Training and Educational Programs" top prize at the prestigious 2013 Global Excellence Awards by Info Security Products Guide, the industry's leading information security research and advisory guide, these labs provide valuable exposure to complex, real world challenges and over 200 hours of training exercises on how hackers and perpetrators use these applications and tools.
Certification:
This course covers content within the following industry certification exam:
- Certified Information Systems Security Professional (CISSP) - two content domains covered
What You'll Learn
- The role of computer forensics in responding to crimes and solving business challenges
- System forensics issues, laws, and skills
- Purpose and structure of a digital forensics lab
- Evidence life cycle
- Procure evidence in physical and virtualized environments
- Impact of sequestration on the evidence-gathering process
- Collect evidence in network and email environments
- Automated digital forensic analysis
- Report investigative findings of potential evidentiary value
- Constraints on digital forensic investigations
Who Needs to Attend
- Information security analysts
- Payroll specialists
- IT infrastructure security specialists
- People who decide which information technology and cybersecurity products to acquire for their organization
Prerequisites
General knowledge of networking and management information systems
Follow-On Courses
This is the final course in the Global Knowledge 10-course Information Systems Security & Assurance curriculum.
Course Outline
1. The System Forensics Landscape
- Introduction to Forensics
- Overview of Computer Crime
- Forensics Methods and Labs
2. Technical Overview: System Forensics Tools, Techniques, and Methods
- Collecting, Seizing, and Protecting Evidence
- Understanding Information-Hiding Techniques
- Recovering Data
- Email Forensics
- Windows Forensics
- Linux Forensics
- Mac Forensics
- Mobile Forensics
- Performing Network Analysis
3. Incident Response and Resources
- Incident and Intrusion Response
- Trends and Future Directions
- System Forensics Resources
Labs
Lab 1: Perform a Byte-Level Computer Audit
Lab 2: Apply the Daubert Standard on the Workstation Domain
Lab 3: Create a Forensic System Case File for Analyzing Forensic Evidence
Lab 4: Uncover New Digital Evidence Using Bootable Utilities
Lab 5: Automate Digital Evidence Discovery Using Paraben's P2 Commander
Lab 6: Apply Steganography to Uncover Modifications to an Image File
Lab 7: Decode an FTP Protocol Session and Perform Forensic Analysis
Lab 8: Automate Image Evaluations and Identify Suspicious or Modified Files
Lab 9: Craft an Evidentiary Report for a Digital Forensics Case
Lab 10: Perform an Incident Response Investigation for a Suspicious Login
Software used in these labs include: DevManView, WinAudit, WinHex, P2 Commander, FavoritesView, Helix, IECacheView, IEHistoryView, IECookiesView, MyLastSearch, Process Explorer, S-Tools, NetWitness Investigator, Wireshark, and Splunk. Please note that software may be updated or changed to keep pace with new data in the field.
Agenda
1. The System Forensics Landscape
- Introduction to Forensics
- Overview of Computer Crime
- Forensics Methods and Labs
2. Technical Overview: System Forensics Tools, Techniques, and Methods
- Collecting, Seizing, and Protecting Evidence
- Understanding Information-Hiding Techniques
- Recovering Data
- Email Forensics
- Windows Forensics
- Linux Forensics
- Mac Forensics
- Mobile Forensics
- Performing Network Analysis
3. Incident Response and Resources
- Incident and Intrusion Response
- Trends and Future Directions
- System Forensics Resources
Audience
- Information security analysts
- Payroll specialists
- IT infrastructure security specialists
- People who decide which information technology and cybersecurity products to acquire for their organization