Advanced Computer Forensics
Certification Courses
Presented in partnership by Trial Solutions
and Acquisition Data, the Advanced Forensic Certification
Courses are intensive hands on 3 & 4 day training courses
in computer forensics that will teach you how to perform forensically
sound computer imaging and analysis. We are located in Houston
Texas.
Our advanced training courses in computer forensics
are hardware-and-software independent and
include using various commercial and open source tools. Real
world computer forensic examples are reinforced by hands on
practical exercises and exams. The advanced
forensics courses are intended for serious professional
forensic investigators, law enforcement personnel, and security
& network administrators that are responsible for the
legal imaging, analysis, and classification of digital
evidence left on computer hard drives and other devices
with electronic data storage capabilities.
Upcoming 2008 Certification courses scheduled in
Houston, TX on the following dates:
Full
calendar of upcoming computer forensic training events
Advanced Digital Forensics Course Track
For those looking for a structured advanced training program
and certifications, we offer a defined course track that becomes
progressively more advanced with each level.
Level 1 includes the CCE Bootcamp, which provides the foundation
for forensically sound methods and procedures and then progresses
to certification Levels 2 - 5, with Level 5E covering expert
witness preparation and techniques for testifying in court.
Our course track provides certification designations of Certified
Computer Forensic Professional (CCFP) Level 1 - 5(E).
An overview of each certification level is as follows:
» Level 1. CCE Bootcamp, including First Responder
& Forensic Imaging training.
4½ day training course in computer forensics that
will teach you how to perform forensically sound computer
examinations and prepare you to take the CCE certification
examination.
» Level 2. Windows Forensics - XP (In-depth
Forensic Imaging & Analysis - includes open source validation
tools) & Registry Analysis.
Three days of hands on training to locate and examine Recycle
Bin information, Metadata and OLE items, Link files, Thumbnail
files and other Windows artifacts. You will also learn the
forensic value of windows system and registry files
such as the NTUSER.DAT, SAM, SYSTEM, SECURITY and SOFTWARE
files. This class also focuses on how to gain access to protected
operating system files and files that have been encrypted
with the Microsoft Encrypting File System (EFS).
Attending this training will enable you to:
- View, search and analyze Windows artifact information
from unallocated space, file structure and registry information.
- Decrypt Microsoft's Encrypted File System (EFS)
- Recover Windows logon passwords, email and internet account
passwords and internet search terms from the registry
- Use software to seize live, protected operating system
files in the field.
» Level 3. Password Cracking, Applied Decryption
& Steganography (Includes Distributed Network Attack (DNA)
instruction).
In this class students will learn the science of cryptography
and how it plays a role in computer forensics.
This class will focus on the following areas:
- Introduction of Hash Functions
- Encryption Fundamentals
- Cryptosystem Design and Implementations
- Generating Biographical profile dictionaries
- Custom dictionaries based on user hard drive indexes
- Cracking Passwords
- Encrypted Virtual Containers
- Advanced Password Recovery
Algorithms
- Microsoft's Encrypted File System
- Distributed Computing
- Using Hash Functions in Court as Digital Fingerprints
- Defending Hash Functions in Court
- Steganography and Digital Watermarks
Students will also receive instruction on the use of Distributed
Network Attacks and Rainbow Tables.
» Level 4. Network & Internet Forensics
- Imaging live mail servers (Exchange), file servers &
RAID drives. Includes collecting and analyzing log data from
routers, file walls and Intrusion Detection Systems (IDS).
In this class you will receive hands on training to locate
and examine internet and network related artifacts
stored on a computer as well as collection of live servers.
The course will cover:
- Investigation of browser history, typed
URLs, Internet cookies, auto-complete data, stored usernames/passwords,
download activity, user profiles, Internet cache, web based
mail and MySpace.com artifacts for the latest versions of
Internet Explorer, Netscape Navigator, and Firefox.
- Investigation of instant messengers such
as: America Online and AIM Instant Messengers, MSN Messenger,
and Yahoo Messenger will also be covered. IM topics covered
will include; buddy/contact list interpretation, instant
message recovery, log files, unallocated space recovery,
screen name and password recovery, file transfer and file
sharing activity.
- Network topics covered will include imaging and
collection of live Exchange servers and file servers
as well as imaging of RAID drives. Collecting and analyzing
data from routers, hardware firewalls and intrusion detection
systems will also be touched on.
» Level 5. PDA and Cell Phone Forensics - includes
Blackberry imaging and analysis.
This class covers the fundamentals of PDA and cell phones
such as RIM Blackberry, Palm, Windows CE,
and common cellular handsets as well as a basic understanding
of SIM cards. Students will
acquire and analyze various live handheld devices using forensic
tools as well as exercise their analyzes skills on sample
cases.
Device OSs covered include:
- RIM
- Pocket PC
- Symbian
- Palm OS PDAs
- Embedded Linux
An in-depth instruction of PDA and cellular phone topics
include:
- Collection best practices and tools
- Data structure
- Storage & Security
- Cellular Networks
- SMS Technology
- SIM card analysis
- Data Recovery
» Level 5E. Computer Forensic Expert Witness
Course.
This class covers the fundamentals of developing and presenting
computer evidence testimony in court.
Please note that the course topics might change slightly
due to tool updates, etc.
We provide all computer hardware and software so that onsite
training is easily accommodated. Minimum course fees apply.
Courses taught in our Houston facility are a state-of-the-art
computer classroom setting at the Northwest Forest
Conference Center in Houston, TX. (Cypress
Software Training Room)
Accommodations are available from $85 (plus
tax) per night on the Northwest
Forest Training Campus, which is a corporate retreat facility
located in a quiet Houston suburb and offers an array of complimentary
indoor
and outdoor activities for guests.
Please contact us if you would like to be notified when the
course schedules are released.
Full
calendar of upcoming computer forensic training events
Reservations for the Advanced Forensics Courses are on a
first come first serve basis. Onsite training courses
are also available. For information, please contact
us at info@trialgraphic.com
or 713-462-6464. |
