The purpose of this course is to introduce Computer Forensic concepts to investigators that have little or no experience. A basic understanding of computers is expected. The course will include discussions on:
Intro to Computer Crime and Computer Forensics
PC Hardware and Software Identification
Operating Systems Overview (emphasis on Windows-based OS)
The purpose of this course is to further the knowledge of the computer forensic investigator. A basic knowledge of Computer Forensic concepts and processes is required as well as a basic understanding of hardware and operating systems. The course will include discussion on the following:
Searching Concepts using Grep
Hash Sets and how to use them to narrow your investigation
Introduction to Windows Artifacts
Registry Files
Link Files
Recycle Bin
Swap File
Print Spool Files
Recovering Print Spool Files
Writing Affidavits and Search Warrants
Determining the scope of the investigation and pitfalls to avoid during analysis
The purpose of this course is to advance the knowledge base of investigators that have a working knowledge of Computer Forensics. The course will include discussions on the following:
Advanced NTFS issues
RAID Servers and issues of preserving and restoring servers
Introduction to Linux and Unix Operating Systems
Introduction to Linux and Unix forensic concepts
File Systems
Recovery
Introduction to Linux Forensic Tools
Introduction to the Apple and the MacOS
Introduction to Mac forensic concepts
Identifying and recovering encrypted files
Introduction to stegonography
Keyloggers and other malware and their related issues
