Digital Forensics & Data Analysis 101 + CRO (15-19 Aug 2022)

Date:15-19 Aug 2022

Price: AUD $4812.50 for 5-day

Location: Face-to-Face/Virtual Instructor-Led

Price

$4,812.50

Digital Forensics & Data Analysis 101 + CRO Brochure

Download PDF

 

Course summary

This course is focused on providing Investigators with the knowledge required to perform a proper Collection, Triaging, Reviewing and Examination of Digital Evidence.

Cellebrite CRO

5-Day Instructor Led Course

 

Focus

This course is focused on providing Investigators with the knowledge required to perform a proper Collection, Triaging, and Reviewing of Digital Evidence.

 

Course outcomes include:

  • Digital Forensic Triage
  • Forensic Imaging of USB Devices
  • Reviewing Digital Evidence
  • Communicate and work efficiently with Digital and Cyber Teams
  • Mobile Device Technology Overview: Cellebrite Responder Operator (CRO)
  • Target audience
  • Government and Law Enforcement Investigators
  • Cyber Crime Investigators
  • Digital Forensic Investigators
  • IT Security Managers
  • Theory and practical
  • Multiple practical exercises are provided to enforce key concepts learned

 

Trainer

Zoran Iliev – Forensic Examiner
Master of eForensics and Enterprise Security

Day ONE

MOD 1: FORENSICS AND DIGITAL FORENSICS

  • What is Forensic Science
  • The role of the Forensic Science in the Legal System
  • Why is important to understand the forensic evidence
  • Identifying Forensic Traces

MOD 2: DIGITAL FORENSIC PRINCIPLES

  • Introduction and Discussion

MOD 3: HARDWARE PRINCIPLES

  • Desktops, laptops, and other devices with operating systems
  • Boot Process
  • Forensic Boot

MOD 4: STORAGE MEDIA PRINCIPLES

  • Different types of Digital Storage Devices and Media
  • Introduction to data organisation (file systems and data structures)
  • Remote / Network / Cloud Storage

MOD 5: OPERATING SYSTEMS

  • What is Operating System
  • Different types of Operating Systems
  • Common OS forensic artefacts
  • Application Software

Day TWO

MOD 6: DATA PRESERVATION PRINCIPLES

  • Different types of Hardware Write Blocking and Imaging Devices
  • Software Write Blocking Applications
  • The importance of testing and verification of DF tools

MOD 7: MANAGING DIGITAL EVIDENCE AT THE CRIME SCENE

  • What is Digital Forensic Crime Scene
  • Prepare before attending the Crime Scene
  • DF team member and the warrant holder
  • Interviewing suspects in relation to digital evidence
  • How to control the Digital Forensic Crime Scene
  • The importance of the forensic approach when processing Digital Evidence
  • Protect and manage digital evidence at the crime scene
  • Document digital evidence at the crime scene
  • Processing a crime scene involving digital evidence and perform preliminary survey
  • Introduction to Digital Forensic Triage
  • Develop a plan for successful triage of digital evidence

Day THREE

MOD 8: THE ACQUISITION PROCESS

  • Digital evidence collection
  • How to prepare/sterile Target Media
  • What is Forensic image and what is a Clone
  • Different types of Forensic Image Formats
  • Perform basic imaging
  • Data collection
  • Practical Exercises
  • Prepare target media
  • Test and verify DF tools
  • Imaging
  • Cloning
  • Data Containers
  • Targeted Collections
  • Authentication

Day FOUR

MOD 9: DIGITAL FORENSIC TRIAGE

  • The theory of DFT
  • Using different tools to perform DF Triage
  • Triaging of storage devices
  • Prioritising devices for Live examination and collection (Volatility Risk Assessment)
  • Triaging of computer systems and smart devices
  • Windows
  • Apple
  • Android
  • How to Identify “Hot Zones” for effective DFT on powered on systems
  • Live DFT Workflow
  • DFT and RAM
  • Identify Encrypted structures (Volumes, Folders…)
  • Bit Locker
  • Specialities of APPLE devices

MOD 10: OHS AND OFFICER SAFETY

  • How to identify and manage individual and environmental threats to an officer’s safety
  • How to deploy proper procedures and tactics to

MOD 11: DIGITAL EVIDENCE IN COURT

  • Introduction

Day FIVE

MOD 12: Mobile Device Technology Overview: Cellebrite Responder Operator (CRO)

  • CRO
  • Mobile Device Technology Overview
  • Data Locations
  • Forensic Handling of Mobile Devices
  • UFED Kiosk Tour
  • SIM Extraction with UFED Kiosk
  • Mobile Device Extraction with UFED Kiosk
  • SD Card Extractions with UFED Kiosk
  • Viewing Data using the UFED Kiosk

NOTE:

This list is dynamic and can be changed on request to include additional tools.

CDFS reserves the right to change the tools without prior notice unless otherwise agreed.

Related Posts

ZIF Adapter to SATA Adapter, with a Flex Cable

May 18, 2022

USB3.0 to SATA-3 Adapter – For Linux

May 18, 2022

USB3.0 to SATA Adapters – 4 Channel Kit include power – Linux

May 18, 2022

Upcoming Trainings/Events

Nuix Workstation® Forensic Practitioner Windows

Nuix Workstation® Forensic Practitioner Core & Foundations

Nuix Investigate® Administrator

Nuix Investigate® End User

AX301 MAGaK (Magnet AXIOM & GrayKey) Advanced iOS Examinations (15-18 November 2022) – Law Enforcement/Government Only