Account
(0)
Training
BSA/AML
Call Reports
Lending
Events
X
Regulations
>
Licensing
>
Certifications
>
Training
>
Events
>
HMDA
Reg E Compliance
SAFE and NMLS
ACH and Wire Transfers
Fair Credit Reporting and Advertising Compliance
TRID
TILA
Reg CC and Check Holds
TISA
ACH Training Courses
The Bank Secrecy Act
AML
SAR
Call Reports
TRID
UDAAP
Securities Licensing
Insurance Licensing
Property & Casualty License
Adjuster License
Safe/NMLS
Certified Financial Planner
Certified Regulatory Vendor Program Manager
Chartered Alternative Investment Analyst
Chartered Financial Analyst
Financial Risk Manager
Qualified Financial Advisor
ACH And Wire Transfers
Anti-Money Laundering
Bank Secrecy Act (BSA) Training
Call Reports
Deposit Compliance Training Courses
Fraud Prevention
Cyber Security Training
IRA Training
Legal / Risk Management
Safe Deposit Boxes
Suspicious Activity Reporting
Trusts And Estates
Bank Teller Training
Account Management
HMDA Regulations And Reporting Requirements
TRID
UDAAP
Bank Webinars
Bank Seminars
HR Webinars
HR Seminars
Details
Presenter
Computer Forensics And Electronic Discovery
Online Course: ID# 1003615
Price: $655.00
Qty:
About This Course:
The Computer Forensic and Electronic Discovery course is designed to train cyber crime investigators to furnish irrefutable burden of proof from a digital artifact.
In taking this course you will learn electronic discovery, advanced investigation techniques, seizure concepts, forensic examination and much more. This course will prepare you for the CDFE certification provided by Mile2.
Benefits
Electronic discovery and advanced investigation techniques
Essential to encountering digital evidence while conducting an investigation
Recognize, seize, preserve and present digital evidence
Session 1
Section A: Course Overview
Introduction
Disclaimers and Prerequisites
Using the Student Guide
Computer Forensics Defined
Digital Evidence
E-Discovery Process
CDFE Course Objectives
Section B: Digital Forensics Incidents
Digital Incidents Overview
Charles Lund
Cybercrime.gov Web Site
Latest Press Releases
Computer Crime Cases
Legal Resources and Legislation
Computer Fraud and Abuse Act
Robert Morris
Section C: Type of Investigations
Criminal Incidents
Council of Europe on Cybercrime
Dealing with Foreign Countries
Civil Incidents
Types of Criminal Incidents
Computer Fraud
CFO Takeover Case
Investigating Fraud
Items to Investigate
Section D: Internal and External Threats
Internal Threats
Internal Threat Example
External Threats Defined
External Threat Types
Investigative Challenges
Media Volume
Using Forensics Tools
Attorneys vs. Investigators
Section E: Understanding the Assessment
Digital Incident Responses
Digital Incident Assessment
Assessment Considerations
Incident Types
Parties Involved
Confidential Informants
Operational Security
Section F: Assessment Equipment Needs
Incident/Equipment Location
Available Response Resources
Securing Digital Evidence
Proof of Secure Evidence
Chain of Custody
Incident Response Seizure Form
Chain of Custody Form
Evidence Placement
Kinds of Digital Evidence
Section G: File Storage Concepts
File Storage Overview
-Based Operating Systems
Understanding FAT and NTFS
Storage Concepts
Directories Defined
File Saving Process
File Structure
Stream Explorer Demo
Section H: Disk Storage Concepts
Understanding Disk Storage
Disk Read/Write Process
Hard Disk Breakdown
Master Boot Record
Slack Space
File Management
Word Size
Memory
Understanding File Formats
Quick View Plus
Session 2
Section A: Acquisition and Authentication
Digital Acquisition Overview
Digital Acquisition
Copying vs. Duplicating
Authentication
Generic Hash Demo
Text to Hex Demo
Creating a Hash
View MD5 Hash Result
Hash Extraction Reasons
eXpress CheckSum Calculator
Section B: Acquisition Procedures/Analysis Tools
Acquisition Procedures
On-Scene Acquisitions
ICS DriveLocks
RoadMASSter and ImageMASSter
Logicube and Paraben Duplicators
Laboratory Acquisitions
After Documentation
Logical Review
Acquisition Options
Section C: Duplication Demo
Innovision USB Write Blocker
Write-Protecting a Device
Cloning Disks with WinHex
FTK Imager
Specify Evidence Information
Image Destination Considerations
Creating the Image
dd.exe Overview
Creating a dd.exe Image
FTK Imager Results
WinHex Physical Hash
View dd.exe Image Results
Compare FTK and WinHex Physical Hashes
Section D: Investigation Analysis and Disk Cleaning
DC3 Operations
Analysis Phase
Disk Redactor and Disk Wipe
Cleaned Drive and Other Tools
FTK Overview
Case Log Options/Processes to Perform
Refining and Adding Evidence
Indexing Items
Alert Files and Bad Extensions
Encrypted, OLE, and Ignorable Files
Tab
Graphics and E-Mail Tabs
Search Tab
Bookmark Tab and Summary
Section E: Assessment Rules
Assessment Overview
Forensic Science
Digital Forensics
Scientific Method
Cardinal Rules
The ALPHA 5 System
Examinations
ALPHA 5 Steps
Section F: Assessment Details
Assessment
Acquisition
Authentication
Analysis and Reporting
Archive
The 20 Basic Steps
Steps 2 and 3
Steps 4 - 6
Steps 7 and 8
Boot Record Data with WinHex
Steps 9 - 14
Manual and FTK Data Carving
Steps 15 - 17
Steps 18 - 20
Section G: Digital Evidence Protocols
Digital Evidence Overview
Digital Evidence Concepts
Levels of Proof
Court Example
Types of Data
Ntuser.dat Analysis
Residual Data - Free Space
Free Space
Residual Data - File Slack
File Slack - Partial Artifacts
File Slack - Results
Residual Data - RAM Slack
Section H: Digital Evidence Protocols Continued
Swap Files
PageFile.sys
PageFile.sys Results and Searches
Residual Data - Temp Files
Residual Data - Unallocated Space
Electronic Mail
Background Data
Metadata
Viewing Photo Exifdata
Viewing File Metadata
Admissibility
Digital Evidence Summary
Session 3
Section A: The Role of Evidence
Lesson Objectives
Evidence
Types of Evidence
Electronic Files
Documentation Process
Writings or Recordings
Best Evidence Rule
Section B: Authenticity and Alteration
Authenticity and Alteration Decoded
Layman's Analogies
Forensic Report Template
Filling Out the Report
Common Assaults
Section C: Theoretical Background
Forensic Theory Overview
Locard's Exchange Principle
Recovery
Classification
Reconstruction
Temporal Aspects
TimeStomp
Using TimeStomp
Section D: Tracking Down the Suspect
Behavioral Evidence Analysis
Equivocal Forensic Analysis
Isiscan.com
Stages of Digital Evidence Examination
Victimology
Cybertrails
eMailTrackerPro
CentralOps.net
Questions on Cybertrails
Incident Scene Characteristics
Section E: Laboratory Validation
QA Objectives
Protocols
Quality Assurance
Standard Operating Procedures
Reports
Section F: Examination Review
Peer Review
Peer Review Details
Consistency
Accuracy
Research
Validation
Relevance
Liability and Legal Considerations
Peer Review Wrap-up
Annual Review
Section G: Deviation Policies and Lab Intake
Deviation
Deviation Guidelines
Deviation Consultation
Lab In
Have Questions?
Contact Us For More Information
Order:
Computer Forensics And Electronic Discovery
Price: $655.00
Qty:
Details
Presenter
Share This:
Share on Facebook
Share on Twitter
About Us
Guarantee
Privacy
Join our Email List
Affiliate Program
List Your Courses
Contact Us
My Account
BankTrainingCenter.com. 5755 North Point Parkway, Suite 227 | Alpharetta, GA 30022 | 770-410-9375 | support@BankTrainingCenter.com
Copyright BankTrainingCenter.com 2024 | Web Site Development by OTAU
%%chngBtnTxt%%