Digital Forensics Training
Digital forensics is a branch of computer science that focuses on developing evidence pertaining to digital files for use in civil or criminal court proceedings. Digital forensic evidence would relate to a computer document, email, text, digital photograph, software program, or other digital record which may be at issue in a legal case.
Forensic science is the study of any field as it pertains to legal matters. Forensic evidence refers more specifically to evidence which meets stringent standards of reliability and scientific integrity for admissibility in court. Digital forensics is the forensic science related to computer operations, software, and files, as well as the digital or electronic files contained on other technology-based appliances or storage devices, such as a digital camera. There is a broad array of applications of digital forensics to civil and criminal cases. Digital media seized for investigation is usually referred to as an “exhibit” in legal terminology. Investigators employ the scientific method to recover digital evidence to support or disprove a hypothesis, either for a court of law or in civil proceedings.
Introduction to Computer Forensics
Forensic Examination Procedures
Introduction to Chain of Custody
Preparing your own Forensics tool kit
Difference between IR & Forensics
Incident Response
IRM & forensics Life Cycle
Windows Incident Response
Do’s & Don’ts in incident response
Different Methods of Live Acquisition
Understanding Order of Volatility
Memory Acquisition
Analyzing Volatile Data
Dynamic Disk Imaging
Command based Acquisition
Analyzing Windows Registry
Analyzing Event viewer logs
Imaging Volatile data using netcat
Verifying Memory dumps
Analyzing Security policies
Linux Incident response
Understanding Linux Ext3/Ext4 file systems
Understanding Boot process
Boot problem cheat sheets
Key differences between Windows & Linux
Creating Response Toolkit
Running Bash scripts to acquire live image
Hash verification of output files
Forensics
Types of Forensics
Physical imaging Vs Logical imaging
Understanding different methods of forensics duplication
Traditional approach to forensics
Acquisition
Methods of acquisition
Imaging using EnCase
Imaging using DEFT Linux
Imaging using Helix
Imaging using SIFT workstation
Imaging using FTK
Analysis
Understanding Metadata
Analyzing swap & pagefiles
Physical Analysis Vs Logical Analysis
Mounting images to analysis tools
Deleted file recovery
Timestamp Analysis
Analyzing Raw partitions
Analyzing Steganographic data
Understanding slacks
String based searching
Keyword based searching
Articulation
Evidence collection
Documenting Investigation process
Timestamps Recording
Hash calculations recording
Do’s and Don’ts
Browser Forensics
Introduction to browser Forensics
IE forensics
IE log analysis
Rebuilding IE cache & History
Understanding Firefox logging & cache architecture
Analyzing Firefox SQLite database
Firefox Log Analysis
Reconstructing Firefox cache & History
Chrome Forensics
Opera Forensics
Tool based browser Forensics
Using NetAnalysis, Blade, History Extractor
Webhistorian
Skype log Analysis
Rebuilding Skype chat
Network Forensics
Introduction to Network Forensics
Understanding network Architecture
Understanding network Logging
Investigating Wireless logs
Investigating Network logs
Webserver log Analysis
IIS server Logs Architecture
IIS log analysis using IE log Analyzer
Apache Web server logging architecture
Apache log analysis using apache log viewer
SIEM
Introduction to SIEM
Installing Splunk
Configuring Splunk for weblogs
Configuring Splunk for Network log analysis
Log Analysis
Understanding Firewall logs
Configuring Syslog server
Syslog log reading
Cisco firewalls logging Methodology
Cisco firewalls log analysis
Understanding IDS Mechanism
Overview of IDS Alerts & Sensors
IDS log Analysis
Router Forensics
Router log analysis
Fraud & Forensics Analysis
Cyber Laws
Offences & Penalties
Investigating Sexual Harassment cases
Investigating Threat Mails
E-Mail Tracking
Cyber Pornography
Case study
Packet Analysis using Wireshark
Packet Analysis using Xplico
Packet Analysis using NetworkMiner
Test disk image analysis
Participating in Forensic challenges