Course Overview
This course will provide a foundation in the field of Computer Forensics. The student will learn how to obtain and analyse digital information for possible use as evidence in civil, criminal or administrative cases. Topics include applications of hardware and software to computer forensics, computer forensics law, volume and file system analysis, computer forensics investigations, and computer forensics in the laboratory. Hands-on exercises guide discussions and reinforce the subject matter.
This course is designed as an introductory course in computer forensics. Students will first understand the need for computer forensics. Students will learn best practices for general incidence response. The course will then focus on the tools and techniques to perform a full computer forensic investigation.
Who Should Attend?
The course has been designed for IT personnel, administrators, computer support staffs and an end-user who are aware the importance of data in their storage. No previous repair or data recovery experience necessary. This training is intended to be introduced to the latest data recovery techniques and solutions.
Data Recovery – Schedule
Day 1 |
|
09.00am – 10.00am |
Introduction to Computer Forensics
|
10.00am – 10.30am |
Breakfast |
10.30am – 12.45pm |
Computer Hardware
Computer Forensic Incidents
|
12.45pm – 02.15pm |
Lunch |
02.15pm – 05.00pm |
Digital Incident Response
OS / Disk Storage Concepts
|
Day 2 |
|
09.00am – 10.00am |
Digital Acquisition & Analysis Tools
|
10.00am – 10.30am |
Breakfast |
10.30am – 12.45pm |
The Forensic Toolkit
E-mail Analysis
|
12.45pm – 02.15pm |
Lunch |
02.15pm – 05.00pm |
File Signature Analysis
Forensic Examination Protocols
|
Day 3 |
|
09.00am – 10.00am |
Other Windows Artifacts
|
10.00am – 10.30am |
Breakfast |
10.30am – 12.45pm |
Image Restoration
Data Carving
|
12.45pm – 02.15pm |
Lunch |
02.15pm – 05.00pm |
Anti-Forensics
Digital Evidence Presentation
|