Certified Information Systems Security Professional
Shon Harris
Certified Information Systems Security Professionals
CISSP
Education > CBT > Security Courses
CISSP
CISSP Training
Certified Information Systems Security Professionals CISSP
 
 
CISSP

Computer Forensics Training - Digital Forensics and Electronic Discovery
Product Code:PN-DFCFED

List Price  : $795.00
Sale Price : $695.00

Product Options

  • Single User License
  • MultiUser Library License Add $695.00

Detailed Description

The dramatic increase in computer-related crime requires corporate security personnel and law enforcement agents to understand how to legally obtain electronic evidence stored in computers.
Electronic records such as computer network logs, e-mails, word processing files, and “.jpg” picture files increasingly provide the government and corporations with important (and sometimes essential) evidence in criminal and civil cases.

One of the purposes of CFED - Computer Forensics & Electronic Discovery is to provide law enforcement agents and corporate security personnel with systematic guidance that can help them understand some of the issues that arise when they seek electronic evidence in criminal and civil investigations

Included in this Program

  • 7 CD-ROMs featuring live instructor-led classroom sessions with full audio, video and demonstration components
  • Printable courseware
  • Focused on practical solutions to real-world development problems
  • Free 1 Year Upgrade Policy

Course Outline

Module 1 - Computer Forensic Incidents
Computer Forensic Incidents
Introduction
The Legal System
Criminal Incidents
Civil Incidents
Computer Fraud
Internal Threats
External Threats
Investigative Challenges
Module 1 Review

Module 2 - Digital Incident Response
Digital Incident Response
Digital Incident Assessment
Initial Assessment
Type of Incident
Parties Involved
Incident / Equipment Location
Available Response Resources
Securing Digital Evidence
Chain of Custody
Potential Digital Evidence
Module 2 Review

Module 3 - OS / Disk Storage Concepts
OS / Disk Storage Concepts
Disk Based Operating Systems
OS / File Storage Concepts
Disk Storage Concepts 1
Demo - Creating a file and writing it to FAT/NTFS
Disk Storage Concepts 2
Slack Space
File Management
File Formats
Demo - Using Quick View Plus
Module 3 Review

Module 4 - Digital Acquisition & Analysis Tools
Digital Acquisition & Analysis Tools
Digital Acquisition
Terms Defined
Demo - Generic Hash Demo / CryptoDemo
Demo - Hashing a File
Digital Acquisition Procedures 1
Demo -Winhex Software
FTK Explorer / EnCase
Demo - EnCase Acquisition
Digital Acquisition Procedures 2
Digital Forensic Analysis Tools
Demo - FTK
Module 4 Review

Module 5 - Forensic Examination Protocols
Forensic Examination Protocols
What is Forensic Science?
Applying the Scientific Method
Cardinal Rules
Alpha “5”
Demo - Create Disk Images
Demo - Data Recovery Exercise
“The 20 Basic Steps”
Demo - File Carving Exercise
Module 5 Review

Module 6 - Digital Evidence Protocols
Digital Evidence Protocols
Digital Evidence Concepts
Data Files: Active Data
Data Files: Archival Data
Data Files: Backup Data
Data Files: Residual Data
Data Files: Electronic Mail (E-Mail)
Data Files: Background Data
Data Files: Metadata
Digital Evidence: Admissibility
Digital Evidence: In Summary
Demo - Viewing Metadata of a Graphic File
Demo - Detailed Lab Exam of Evidence
Module 6 Review

Module 7 - Digital Evidence Presentation
Digital Evidence Presentation
The Best Evidence Rule
Digital Evidence: Hearsay
Authenticity and Alteration
Layman’s Analogies
Module 7 Review
Course Closure

 

© 2007 Logical Security, Inc.  
Certified Information Systems Security Professional