Forensic Training

To expose students on digital forensics analysis foundations to be performed on analysis of internet activities artefacts on Windows systems.

Download Brochure

DURATION:
3 days

Address

Universiti Kuala Lumpur Malaysian Institute of Information Technology, Kuala Lumpur, Malaysia   View map

Categories

ACE , Short Courses
Course Overview This course is designed to expose students on digital forensics analysis foundations to be performed on analysis of internet activities artefacts on Windows systems. This includes discussion on windows specifics extraction and correlation artifacts such as file system, metadata and registry. This three days training will be essential in building forensics foundation skillsets whether he or she is new in digital forensics world, as well as seasoned security professionals to include those responsible as cyber incident handlers that the participants’ new additional knowledge necessary to be successful in their career, in performing their duties right after completing the training. Hands-on scenario based case study exercise performed throughout the training will put the knowledge gained into practices.
Course Objective Upon completion of this Internet Artefacts Forensics Analysis training course, participants should be able to:

·         Understand Forensics foundation concepts with specification provided

·         Operate the filesystem, image analysis and registry

·         Functionality of window artifacts and internet artefacts analysis

Target Audience This course is targeted for students, new professionals in digital forensics field, cyber incident response technical professionals, technical investigators as well as seasoned security professionals looking for understanding foundation of topics in digital forensics for Windows.
Course Outline  

DURATION COURSE OUTLINE
Day 1

Forensics Foundation

Ø  Forensics Concepts

Ø  Imaging Basics

Ø  Legal Requirements

Ø  Tools for Evidence Acquisition

Ø  Live System Acquisition and Analysis

Ø  Media acquisition and Image Analysis

Ø  Filesystem analysis

Ø  Hands-On Exercises

Day 2

Filesystem, Image Analysis and Registry

Ø  Windows Registry Analysis

Ø  Metadata

Ø  LNK Files

Ø  Browser Files Artifacts

Ø  Hands-on Exercises

Day 3

Windows Artifact & Internet Artefacts Analysis

Ø  Quick Memory Forensics

Ø  Extracting Timeline

Ø  Understanding MAC

Ø  Time Analysis

Ø  Correlating the Events

Ø  Recreating Chronology of Events from Timeline Analysis

Ø  Reporting

Ø  Forensics Challenge Hands-On Exercise

Duration 3 Days