
This workshop is dedicated to Cyber Forensics & Crime Investigation. Computer forensics is the detailed, scientific study, research and application of computer science for the purpose of gathering digital evidence in cyber crime cases or for other scientific research purposes. The workshop also introduces the needs of the current cyber security sector.

Topics to Be Covered

MODULE 1

Module 1A - Course Introduction

Module 1B - Computer Forensics and Investigation as a Profession

  • Define computer forensics
  • Describe how to prepare for computer investigations and explain the difference between law enforcement agency and corporate investigations
  • Explain the importance of maintaining professional conduct

Module 1C - Digital Evidence - Legal Issues

  • Identifying Digital Evidence
  • Evidence Admissibility
  • Federal Rules of Evidence
  • Daubert Standard
  • Discovery
  • Warrants
  • What is Seizure?
  • Consent Issues
  • Expert Witness
  • Roles and responsibilities
  • Ethics: (ISC)2, AAFS, ISO

MODULE 2

Module 2A - Investigations

  • Investigative Process
  • Chain of Custody
  • Incident Response
  • E-Discovery
  • Criminal v. Civil v. Administrative Investigations
  • Intellectual Property
  • Reporting
  • Quality Control—Lab and Tool—Investigator—Examination—Standards
  • Evidence Management—SOPs—Collection—Documentation—Preservation—Transport / Tracking—Storage / Access Control—Disposition

Module 2B - Current Computer Forensics Tools and Hardware

  • Commercial
  • Free / Open Source

MODULE 3: DIGITAL FORENSICS

Module 3A - Forensic Science Fundamentals

  • Principles and Methods—Locard’s Principle, Inman-Rudin Paradigm, Scientific Method, Peer Review
  • Forensic Analysis Process

Module 3B - Hardware

  • Storage Media—Hard Disk Geometry, Solid State Drives, RAIDS
  • Operating System—Boot Process, BIOS/CMOS, The Swap File

Module 3C - File Systems

  • File Systems—NTFS File System, FAT File System, HFS+, Ext2/3/4, Embedded
  • Erased vs. Deleted
  • Live Forensics

MODULE 4: ANALYZING DATA

Module 4A - Hardware Forensics

  • Keyword Searching
  • Metadata
  • Time Line Analysis
  • Hash Analysis
  • File Signatures—File Filtering (KFF)
  • Volume Shadow Copies
  • Time Zone Issues
  • Link Files
  • Print Spool
  • Deleted Files—Recycle Bin Forensics
  • File Slack
  • Damaged Media—Physical Damage—Logical Damage—File Carving
  • Registry Forensics—USB Devices—HKLM
  • Multimedia Files—EXIF Data
  • Compound Files—Compression—OLE—ADS
  • Passwords

Module 4B - Web Application Forensics

  • Common Web Attack Vectors—SQL Injection—Cross-Site Scripting—Cookies
  • Browser Artifacts
  • Email Investigators—Email Headers—Email Files
  • Messaging Forensics
  • Database Forensics
  • Software Forensics—Traces and Application Debris—Software Analysis (Hashes, Code Comparison Techniques, etc.)
  • Malware Analysis—Malware Types and Behavior—Static vs. Dynamic Analysis

MODULE 5 - NETWORK FORENSICS

  • TCP/IP—IP Addressing—Proxies—Ports and services
  • Types of Attacks
  • Wired vs. Wireless
  • Network Devices Forensics—Routers—Firewalls—Examining Logs
  • Packet Analysis
  • OS Utilities—Netstat—Net sessions—Openfiles
  • Networking Monitoring Tools—SNORT—Wireshark—NetworkMiner

MODULE 6 - ANTI-FORENSICS

  • Hiding—Encryption (Symmetric, Asymmetric, TrueCrypt Hidden Partitions)—Steganography—Packing—Hidden Devices (NAS)—Tunneling / Onion Routing
  • Destruction—Wiping/Overwriting—Corruption / Degaussing
  • Spoofing—Address Spoofing—Data Spoofing (Timestamping)
  • Log Tampering
  • Live Operating Systems

MODULE 7 - MOBILE DEVICES

  • Types of Devices—GPS—Cell Phones—Tablets
  • Vendor and Carrier Identification—Obtaining Information from Cellular Provider
  • GSM vs. CDMA
  • SIM Cards
  • Common Tools
  • Methodology
  • Advanced Mobile Forensics (JTAG, chip-off)

Eligibility Criteria: There are no prerequisites for joining this training program. Students from any branch can participate.

Certification Policy:

  • Certificate of Merit for all the workshop participants.
  • Certificate of Coordination for the coordinators of the campus workshops.

Duration: 5 Days - The workshop runs for five consecutive days, with a 6-7 hour session each day.
