Digital Evidence Investigator Training

Date:TBA

Price:

Location: Online

More Info

Available Online

This course is also available online with self-paced learning via our learning management system. Start today to earn your DEI Certified User Certificate today. The online self paced learning can be completed in about 16 hours.

Course Outline

Introductions & Getting Started

  • Digital Forensic Evidence and Triage Basics
  • Overview of How to Use Digital Evidence Investigator® (also knows as DEI)
    • DEI Terminology – Artifact Captures
    • DEI Terminology – File Captures
    • DEI Search Profiles – Quick, Intermediate and Comprehensive
    • Digital Evidence Investigator Workflow

Setup & Installation

  • Digital Evidence Investigator Software Installation and the Windows Assessment and Deployment Kit (WADK)

Booting & Bios 

  • Accessing BIOS/UEFI Setup
  • Accessing Boot Menu
  • UEFI and Fastboot Issues
  • Booting Apple Macintosh computers

Capture: Conducting a Scan

  • Case Study: Scanning attached media
  • Case Study: Scanning drive images
  • Case Study: Carrying out a boot scan
  • Case Study: Carrying out a live scan

Analysis: Navigating DEI 

  • Navigating Capture Results
  • Understanding Picture, Video, Keyword, Files and Timeline Views
  • Column Settings
  • Filtering Captures and Picture, Video, Keyword, Files and Timeline views
  • Tagging
  • Commenting

Reporting 

  • Case Study: Creating appropriate reports
  • Reporting – HTML
  • Reporting – CSV
  • Reporting – Stand-alone viewer

Customizing with Keywords and Hash Values

  • Case Study: Creating hash captures and leveraging targeted folders
  • Case Study: Creating keyword and regular expression searches
  • Case Study: Creating appropriate search profiles
  • Case Study: Importing keyword and hash lists
  • Case Study: Identifying good and bad keywords

Imaging

  • Device Imaging

Advanced Issues

  • Implications of thorough file identification and searching within containers
  • File type creation and implications
  • Searching browser cache issues
  • Case Study: Knowledge check

Get in touch with us today to discuss your training needs, learn more, or set up a private training for your investigators or examiners.

Related Posts

CCE BootCamp (6-10 September 2021)

April 13, 2021

Evimetry Responder

March 17, 2021

Detego Auto & Rapid Rip

February 9, 2021

Upcoming Trainings/Events

CCE BootCamp (6-10 September 2021)

CY200 Magnet AXIOM Cyber Examinations (6-9 June 2021)

BEC301 Mobile Device Investigations Course (8-10 November 2021)

BEC301 Mobile Device Investigations Course (12-14 July 2021)

BEC201 RAM Investigations Course (18-20 October 2021)

/* Omit closing PHP tag at the end of PHP files to avoid "headers already sent" issues. */