ICSI|CDFE Certified Digital Forensics Examiner


Course Outline:
Digital Forensics
ICSI|CDFE Certified Digital Forensics Examiner
4 days
Candidate Prerequisites:
Basic familiarity with Windows/ Linux and storage concepts

This course will provide students with the basic knowledge required for digital forensics as well as illustrate how to follow sound forensic process when conducting an investigation. Students will be the taught to use industry standard forensic software in the same way as it would be used in a real life forensic investigation.

All exercises are performed in an isolated hosted testing lab.

This course will significantly benefit any professionals who are involved in the areas of Information Risk, IT audit, Information Security as well as new individuals wanting to begin a career in digital forensics.

Module 1 Intro in digital forensics

  • What is forensics?
  • Why forensics?
  • What is the purpose of digital forensics?
  • Limitations/Challenges of forensics

Module 2 Basic forensic concepts and methodology

  • Forensics fundamentals
  • Collecting evidence
  • A forensic lab
  • Forensic tools

Module 3 Forensic basics

  • Windows forensic basics
  • Linux/Unix forensic basics
  • Types of media and formats
  • Hashing and Encryption
  • Mobile devices and forensics

Module 4 The forensic process

  • The forensic process
  • Chain of custody
  • Practicing due care
  • Civil vs Criminal Court
  • Admissibility and Jurisdiction
  • Evidence vs hearsay

Module 5 Introduction to Forensic Software

  • The need for software
  • Industry standard software suits
  • Specific software for specialized purpose
  • Tour of the lab

Module 6 Forensics processing in software

  • Using FTK Imager for forensic analysis
  • Using Autopsy for forensic analysis
  • Analysing the Windows Registry with Registry Viewer
  • Using a Hex Editor
  • Capturing the evidence
  • Importing the evidence
  • Searching & Filtering

Module 7 Typical cases and how to process them

  • Typical data leakage enterprise case.
  • Typical compromised client case.
  • Typical malware case

Module 8 Reporting and challenges of forensics

  • Reporting your work
  • The cloud
  • Virtualisation
  • Mobile devices and BYOD
  • One day forensic testing certification exam based on real word scenarios using our isolated online hosted testing lab.
  • Pass = 50-59% Merit = 60-79% Distinction = 80-100%.
  • 100% Final Assessment

Accredited by:

PDF More info Book now


Contact Us