Scribd
Upload
335 views5 pages

Certified Digital Forensic Examiner v8

The 3-day Certified Digital Forensics Examiner course teaches students electronic discovery and investigation techniques through instructor-led classes and online training. The course covers topics such as computer forensic incidents, evidence acquisition, disk and mobile device forensics, and report writing. Students learn to establish forensic standards, evaluate crime scenes, analyze digital evidence, and prepare for the certification exam. Upon completing the course, students will be prepared to competently conduct digital forensic investigations and take the Certified Digital Forensics Examiner certification exam.

Uploaded by

Chris Buenaventura
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
335 views5 pages

Certified Digital Forensic Examiner v8

The 3-day Certified Digital Forensics Examiner course teaches students electronic discovery and investigation techniques through instructor-led classes and online training. The course covers topics such as computer forensic incidents, evidence acquisition, disk and mobile device forensics, and report writing. Students learn to establish forensic standards, evaluate crime scenes, analyze digital evidence, and prepare for the certification exam. Upon completing the course, students will be prepared to competently conduct digital forensic investigations and take the Certified Digital Forensics Examiner certification exam.

Uploaded by

Chris Buenaventura
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Certified Digital Forensics Examiner

COURSE OVERVIEW

Course Title: Certified Digital The Certified Digital Forensics


Forensics Examiner Examiner vendor neutral certification Forensics Career
is designed to train Cyber Crime and
Duration: 3 days Fraud Investigators whereby students
Class Format Options: are taught electronic discovery and
advanced investigation techniques.
Instructor-led classroom This course is essential to anyone
Live Online Training encountering digital evidence while
Prerequisites: conducting an investigation.
• A minimum of 1 year in Certified Digital Forensics

*
computers Examiner training teaches the
Student Materials: methodology for conducting a
computer forensic examination.
• Student Workbook Students will learn to use forensically
• Student Lab guide sound investigative techniques in
• Exam Prep guide order to evaluate the scene, collect
Certification Exams: and document all relevant
information, interview appropriate
• C)DFE – Certified Digital personnel, maintain chain-of-custody,
Forensics Examiner and write a findings report.

The Certified Digital Forensics


Examiner course will benefit
WHO SHOULD ATTEND?
organizations, individuals,
• Security Officers government offices, and law
• IS Managers enforcement agencies interested in All combos include:
• Agents/Police Officers pursuing litigation, proof of guilt, or • Online Video
corrective action based on digital
• Attorneys • Electronic Book
evidence.
• Data Owners (Workbook/Lab guide*)
• IT managers • Exam Prep Questions
• IS Manager/Officers UPON COMPLETION
Upon completion, Certified Digital
Forensics Examiner students will be
able to establish industry acceptable
digital forensics standards with
current best practices and policies.
Students will also be prepared to
competently take the C)DFE exam.
ACCREDITATIONS

COURSE CONTENT

Module 0: Introduction Module 9: Digital Evidence


Module 1: Computer Forensic Presentation
Incidents Module 10: Computer Forensic
Module 2: Incident Handling Laboratory Protocols
Module 3: Computer Forensic Module 11: Computer Forensic
Investigative Theory Processing Techniques
Module 4 Computer Forensic Module 12: Specialized Artifact
Investigative Process Recovery
Module 5: Digital Acquisition Module 13: e-Discovery and ESI
Module 6: Disks and Storages Module 14: Mobile Forensics
Module 7: Forensic Evidence Module 15: Digital Forensics
Protocols Reporting
Module 8: Digital Evidence
Protocols

LAB OUTLINE

Scenario Lab 6 – Prepare the Case Evidence


Lab 1 – Chain of Custody Lab 7 – Finding Clues
Lab 2 – Identify Seized Evidences Lab 8 – Construct the Case events
Lab 3 – Devices Acquisition Lab 9 – Tie evidence found to the seized
Lab 4 – Prepare the Case Evidence Android device
Lab 5 – Investigate the Acquired Evidence Lab 10 – Incident Response

2
COURSE OUTLINE
Module 0 – Course Introduction
Module 1 – Computer Forensics Incidents
• Section 1 – Origins of digital forensic science
• Section 2 – Differences between criminal and civil incidents
• Section 3 – Types of computer fraud incidents
• Section 4 – Internal and external threats
• Section 5 – Investigative challenges
Module 2 – Incident Handling
• Section 1 – What is an Incident?
• Section 2 – Incident Handling Steps
• Phase 1: Preparation
• Phase 2: Identification and Initial Response
• Phase 3: Containment
• Phase 4: Eradication
• Phase 5: Recovery
• Phase 6: Follow-up
Module 3 – Computer Forensic Investigative Theory
• Section 1 – Investigative Theory
• Section 2 – Investigative Concepts
• Section 3 – BEA & EFA
Module 4 – Computer Forensic Investigative Process
• Section 1 – Investigative Prerequisites
• Section 2 – Investigation Process
Module 5 – Digital Acquisition
• Section 1 – Acquisition Procedures
• Section 2 – Evidence Authentication
• Section 3 - Tools
Module 6 – Disks and Storages
• Section 1 – Disk OS and Filesystems
• Section 2 – Spinning Disks Forensics
• Section 3 – SSD Forensics
• Section 4 – Files Management
Module 7 – Forensic Examination Protocols
• Section 1 – Science Applied to Forensics
• Section 2 – Cardinal Rules & Alpha 5
• Section 3 – The 20 Basic Steps of Forensics
Module 8 – Digital Evidence Protocols
• Section 1 – Digital Evidence Categories
• Section 2 – Evidence Admissibility
Module 9 – Digital Evidence Presentation
• Section 1 – The Best Evidence Rule
• Section 2 - Hearsay
• Section 3 – Authenticity and Alteration

3
Module 10 – Computer Forensic Laboratory Protocols
Module 11 – Computer Forensic Processing Techniques
Module 12 – Specialized Artifact Recovery
• Section 1 – Forensics Workstation Prep
• Section 2 – Windows Components with Investigative Interest
• Section 3 – Files Containing Historical Information
• Section 4 – Web Forensics
Module 13 – eDiscovery and ESI
Module 14 – Mobile Forensics
• Section 1 – Cellular Network
• Section 2 – Forensic Process
• Section 3 - Tools
• Section 4 – Paraben Forensics
Module 15 – Digital Forensics Reporting

DETAILED LAB OUTLINE


Scenario
Lab 1 – Chain of Custody
• Section 1 – Create logs for each piece of evidence available
Lab 2 – Identify Seized Evidences
• Section 1 – Identify the Evidences
• Section 2 – Update Chain of Custody Document
Lab 3 – Devices Acquisition
• Section 1 – Acquire the 2012 Server
• Section 2 – Acquire the Windows 10 Laptop
Lab 4 – Prepare the Case Evidence
• Section 1 – Add 1st Evidence to Autopsy
• Section 2 – Learn to Navigate with Autopsy
• Section 3 – Extract Registry
Lab 5 – Investigate the Acquired Evidence
• Section 1 – Find and record basic information
• Notes and Answer
Lab 6 – Prepare the Case Evidence
• Section 1 – Add 2nd Evidence to Autopsy
• Section 2 – Extract Registry
• Section 3 – Investigate the Evidence
Lab 7 – Finding Clues
• Section 1 – Find Installed Applications
• Notes and Answers
Lab 8 – Construct the Case events
• Section 1 – Using emails information, answer the questions below
• Section 2 – Using gathered information, answer the questions below
• Section 3 – Testing the discovered tools in an isolated VM
• Notes and Answers

4
Lab 9 – Tie evidence found to the seized Android device
• Section 1 – Add Android Image to Autopsy
• Section 2 – Continue constructing the case
• Notes and Answers
Lab 10 – Incident Response
• Section 1 – Memory Capture
• Section 2 – Registry Hives
• Section 3 – Export directories from the Hard Drive
• Section 4– Analysis
• Section 5– Memory Analysis
• Section 5– Static Analysis

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy