Have you been charged with finding abuse or even criminal activities you your companies IT systems? Computer abuse and crime is here to stay. Digital Forensics deals with the recovery and investigation of information from digital devices like computers, cell phones, and more. The rate of fraud in recent years requires increasing IT duties as a very important part of the overall security picture. This class introduces the basic concepts and procedures as well as the “how-to” skills of forensics using hands on exercises.
In this course we will investigate Windows OS computers though the lessons learned can easily be applied to Unix, Linux or Mac OS X.
Performance Objectives: Upon completion of this course you should be able to:
- Describe what is digital forensics
- Explain the effect of Locard’s Exchange Principle
- Implement a digital forensic investigation
- Explain the difference in a live vs dead system investigation
- Build a lab to facilitate forensic examinations
- Build a “go kit” for portable and on-site investigations
- Understand the impact of chain-of-custody
- Investigate a Windows OS system
- Implement or defend against anti-forensics
- Describe the legal issues in forensic investigations
Competencies covered in this course: Learning to recover and investigate information from digital devices
Intended Audience: Any computer technology professionals needing IT security skillset
Recommended Pre-requisite: Windows Experience