Digital Evidence Investigator Training

Date:TBA

Price:

Location: Online

More Info

Available Online

This course is also available online with self-paced learning via our learning management system. Start today to earn your DEI Certified User Certificate today. The online self paced learning can be completed in about 16 hours.

Course Outline

Introductions & Getting Started

  • Digital Forensic Evidence and Triage Basics
  • Overview of How to Use Digital Evidence Investigator® (also knows as DEI)
    • DEI Terminology – Artifact Captures
    • DEI Terminology – File Captures
    • DEI Search Profiles – Quick, Intermediate and Comprehensive
    • Digital Evidence Investigator Workflow

Setup & Installation

  • Digital Evidence Investigator Software Installation and the Windows Assessment and Deployment Kit (WADK)

Booting & Bios 

  • Accessing BIOS/UEFI Setup
  • Accessing Boot Menu
  • UEFI and Fastboot Issues
  • Booting Apple Macintosh computers

Capture: Conducting a Scan

  • Case Study: Scanning attached media
  • Case Study: Scanning drive images
  • Case Study: Carrying out a boot scan
  • Case Study: Carrying out a live scan

Analysis: Navigating DEI 

  • Navigating Capture Results
  • Understanding Picture, Video, Keyword, Files and Timeline Views
  • Column Settings
  • Filtering Captures and Picture, Video, Keyword, Files and Timeline views
  • Tagging
  • Commenting

Reporting 

  • Case Study: Creating appropriate reports
  • Reporting – HTML
  • Reporting – CSV
  • Reporting – Stand-alone viewer

Customizing with Keywords and Hash Values

  • Case Study: Creating hash captures and leveraging targeted folders
  • Case Study: Creating keyword and regular expression searches
  • Case Study: Creating appropriate search profiles
  • Case Study: Importing keyword and hash lists
  • Case Study: Identifying good and bad keywords

Imaging

  • Device Imaging

Advanced Issues

  • Implications of thorough file identification and searching within containers
  • File type creation and implications
  • Searching browser cache issues
  • Case Study: Knowledge check

Get in touch with us today to discuss your training needs, learn more, or set up a private training for your investigators or examiners.

Related Posts

PROTON PDS-SSD SOLID STATE DESTROYER

June 11, 2021

Proton Erased / Non-Usable Labels

June 11, 2021

Proton T-4 Deployment Case

June 11, 2021

Upcoming Trainings/Events

Cellebrite Chip-Off Forensics Training (CCOF)

201C AIIT Advanced Internet Intelligence & Online Investigations Training (19-20 August 2021)

202C SMI Social Media Intelligence & Investigation (2-3 September 2021)

CCE BootCamp (6-10 September 2021)

BEC301 Mobile Device Investigations Course (8-10 November 2021)