Digital Forensics & Data Analysis 101 + CUFO (22-26 March 2021)

Date: 22-26 March 2021

Price: AUD $3960 for 5 days

Location: Virtual Instructor Led and/or Classroom, Fyshwick ACT (pending COVID-19 Restrictions)

Course Summary

This 5-day instructor-led course gives investigators the knowledge required to properly collect, triage, and review digital evidence.

 

Course Outcomes

  • Digital Forensic Triage
  • Forensic Imaging of USB Devices
  • Reviewing Digital Evidence
  • Communicate and work efficiently with Digital and Cyber Teams
  • Mobile Device Technology Overview: Cellebrite UFED Field Operator (CUFO)

Target audience

  • Government and Law Enforcement Investigators
  • Cyber Crime Investigators
  • Digital Forensic Investigators
  • IT Security Managers

Theory and practical

  • Multiple practical exercises are provided to reinforce key concepts learned

 

Trainer

  • Zoran Iliev – Forensic Examiner, Master of eForensics and Enterprise Security

 

Day ONE

MOD 1: FORENSICS AND DIGITAL FORENSICS

  • What is Forensic Science
  • The role of Forensic Science in the Legal System
  • Why it is important to understand forensic evidence
  • Identifying Forensic Traces

MOD 2: DIGITAL FORENSIC PRINCIPLES

  • Introduction and Discussion

MOD 3: HARDWARE PRINCIPLES

  • Desktops, laptops, and other devices with operating systems
  • Boot Process
  • Forensic Boot

MOD 4: STORAGE MEDIA PRINCIPLES

  • Different types of Digital Storage Devices and Media
  • Introduction to data organisation (file systems and data structures)
  • Remote / Network / Cloud Storage

MOD 5: OPERATING SYSTEMS

  • What is an Operating System
  • Different types of Operating Systems
  • Common OS forensic artefacts
  • Application Software

 

Day TWO

MOD 6: DATA PRESERVATION PRINCIPLES

  • Different types of Hardware Write Blocking and Imaging Devices
  • Software Write Blocking Applications
  • The importance of testing and verification of DF tools

MOD 7: MANAGING DIGITAL EVIDENCE AT THE CRIME SCENE

  • What is a Digital Forensic Crime Scene
  • Prepare before attending the Crime Scene
  • DF team member and the warrant holder
  • Interviewing suspects in relation to digital evidence
  • How to control the Digital Forensic Crime Scene
  • The importance of the forensic approach when processing Digital Evidence
  • Protect and manage digital evidence at the crime scene
  • Document digital evidence at the crime scene
  • Processing a crime scene involving digital evidence and performing a preliminary survey
  • Introduction to Digital Forensic Triage
  • Develop a plan for successful triage of digital evidence

 

Day THREE

MOD 8: THE ACQUISITION PROCESS

  • Digital evidence collection
  • How to prepare/sterilise Target Media
  • What is a Forensic Image and what is a Clone
  • Different types of Forensic Image Formats
  • Perform basic imaging
  • Data collection
    • Practical Exercises
    • Prepare target media
    • Test and verify DF tools
    • Imaging
    • Cloning
    • Data Containers
    • Targeted Collections
    • Authentication

 

Day FOUR

MOD 9: DIGITAL FORENSIC TRIAGE

  • The theory of DFT
  • Using different tools to perform DF Triage
  • Triaging of storage devices
  • Prioritising devices for Live examination and collection (Volatility Risk Assessment)
  • Triaging of computer systems and smart devices
    • Windows
    • Apple
    • Android
  • How to Identify “Hot Zones” for effective DFT on powered on systems
  • Live DFT Workflow
  • DFT and RAM
  • Identify Encrypted structures (Volumes, Folders…)
    • BitLocker
    • Specialities of Apple devices

MOD 10: OHS AND OFFICER SAFETY

  • How to identify and manage individual and environmental threats to an officer’s safety
  • How to deploy proper procedures and tactics to ensure personal safety as well as the safety of others at the electronic crime scene

MOD 11: DIGITAL EVIDENCE IN COURT

  • Introduction

Day FIVE

MOD 12: Mobile Device Technology Overview: Cellebrite UFED Field Operator (CUFO)

  • Mobile Device Technology Overview
  • Data Locations
  • Forensic Handling of Mobile Devices
  • UFED Kiosk Tour
  • SIM Extraction with UFED Kiosk
  • Mobile Device Extraction with UFED Kiosk
  • SD Card Extractions with UFED Kiosk
  • Viewing Data using the UFED Kiosk

 

NOTE:

This list is dynamic and can be changed on request to include additional tools.

CDFS reserves the right to change the tools without prior notice unless otherwise agreed.
