Warning: Use of undefined constant ___FILE___ - assumed '___FILE___' (this will throw an Error in a future version of PHP) in /home/alcgroup/public_html/alctraining.com.au/wp-content/plugins/course_management/course_management.php on line 11
Digital Forensics & Data Analysis 101 | ALC Training | ALC
Call Us1300 767 592
Call Us1300 767 592
HOME CYBER / INFORMATION SECURITY

Next Available Dates

  • No public courses currently scheduled. Please contact ALC.

The 5-Day instructor-led course Digital Forensics & Data Analysis 101 is the essential starting point for anyone wanting a career in digital forensics. It is designed to provide a solid and practical introductory coverage of the principles of identifying, preserving and analysing digital evidence, such as computers, mobile phones, and online sources. It is focused on providing participants with the knowledge required to perform a proper Collection, Triaging, and Reviewing of Digital Evidence.

Presented in association with Cyber Digital Forensics Services (CDFS)

Learning outcomes

  • Digital Forensic Triage
  • Forensic Imaging of USB Devices
  • Reviewing Digital Evidence
  • Communicate and work efficiently with Digital and Cyber Teams
  • Mobile Device Technology Overview: Cellebrite UFED Field Operator (CUFO)
  • Target audience
  • Government and Law Enforcement Investigators
  • Cyber Crime Investigators
  • Digital Forensic Investigators
  • IT Security Managers
  • Theory and practical
  • Multiple practical exercises are provided to enforce key concepts learned

Who should attend

This course is suitable for anyone who needs to get a good strong foundation in digital forensics. The course audience includes all teams across IT, Security, Internal Audit, Law Enforcement and Government:

  • Investigators
  • Would-be digital evidence examiners
  • Law-enforcement personnel
  • Information security professionals
  • Anyone wanting to get started with handling and investigating digital evidence

Course contents

MODULE 1: FORENSICS AND DIGITAL FORENSICS
  • What is Forensic Science
  • The role of the Forensic Science in the Legal System
  • Why is important to understand the forensic evidence
  • Identifying Forensic Traces
MODULE 2: DIGITAL FORENSIC PRINCIPLES
  • Introduction and Discussion
MODULE 3: HARDWARE PRINCIPLES
  • Desktops, laptops, and other devices with operating systems
  • Boot Process
  • Forensic Boot
MODULE 4: STORAGE MEDIA PRINCIPLES
  • Different types of Digital Storage Devices and Media
  • Introduction to data organisation (file systems and data structures)
  • Remote / Network / Cloud Storage
MODULE 5: OPERATING SYSTEMS
  • What is an Operating System
  • Different types of Operating Systems
  • Common OS forensic artefacts
  • Application Software
MODULE 6: DATA PRESERVATION PRINCIPLES
  • Different types of Hardware Write Blocking and Imaging Devices
  • Software Write Blocking Applications
  • The importance of testing and verification of DF tools
MODULE 7: MANAGING DIGITAL EVIDENCE AT THE CRIME SCENE
  • What is Digital Forensic Crime Scene
  • Prepare before attending the Crime Scene
  • DF team member and the warrant holder
  • Interviewing suspects in relation to digital evidence
  • How to control the Digital Forensic Crime Scene
  • The importance of the forensic approach when processing Digital Evidence
  • Protect and manage digital evidence at the crime scene
  • Document digital evidence at the crime scene
  • Processing a crime scene involving digital evidence and perform preliminary survey
  • Introduction to Digital Forensic Triage
  • Develop a plan for successful triage of digital evidence
MODULE 8: THE ACQUISITION PROCESS
  • Digital evidence collection
  • How to prepare/sterile Target Media
  • What is Forensic image and what is a Clone
  • Different types of Forensic Image Formats
  • Perform basic imaging
  • Data collection
  • Practical Exercises
  • Prepare target media
  • Test and verify DF tools
  • Imaging
  • Cloning
  • Data Containers
  • Targeted Collections
  • Authentication
MODULE 9: DIGITAL FORENSIC TRIAGE
  • The theory of DFT
  • Using different tools to perform DF Triage
  • Triaging of storage devices
  • Prioritising devices for Live examination and collection (Volatility Risk Assessment)
  • Triaging of computer systems and smart devices
  • Windows
  • Apple
  • Android
  • How to Identify “Hot Zones” for effective DFT on powered on systems
  • Live DFT Workflow
  • DFT and RAM
  • Identify Encrypted structures (Volumes, Folders…)
  • Bit Locker
  • Specialities of APPLE devices
MODULE 10: OHS AND OFFICER SAFETY
  • How to identify and manage individual and environmental threats to an officer’s safety
  • How to deploy proper procedures and tactics to ensure personal safety as well as the safety of others at the electronic crime scene
MODULE 11: DIGITAL EVIDENCE IN COURT
  • Introduction
MOD 12: Mobile Device Technology Overview: Cellebrite UFED Field Operator (CUFO)
  • Mobile Device Technology Overview
  • Data Locations
  • Forensic Handling of Mobile Devices
  • UFED Kiosk Tour
  • SIM Extraction with UFED Kiosk
  • Mobile Device Extraction with UFED Kiosk
  • SD Card Extractions with UFED Kiosk
  • Viewing Data using the UFED Kiosk

Course fees

The fee for the course is:

  • $3,600 + GST

 

There are no pre-requisites to attend this course.  All participants will receive a Certificate of Completion.

 


Next Available Dates

No public courses currently scheduled. Please contact ALC.
Would another date suit you better? Let us know.

What our clients say

    Looking for a similar course?

    Select from a list of related courses below