Home    Tutorials    IT & Software    Advanced Computer Forensics

Advanced Computer Forensics

 Admin0,

Learning Advanced computer forensic skills and techniques

This course is designed for people with a working knowledge of computer forensics but looking to go deeper into specific skill and techniques of the the field.  We cover techniques and examine devices that are more volatile or more difficult to access than a standard PC acquisition.  This is the third course following my pervious course Computer Forensics Fundamentals and Intermediated Computer Forensics.  While those course are recommended it is not required to take this course as they are independent in regard to topics taught.

What you’ll learn

  • RAM forensics analysis and acquisition.
  • Forensics elements in the Windows registry and how to examine those elements.
  • Pros and cons of live forensics acquisitions.
  • Basics of testifying in a court of law.
  • Examination of non-traditional devices such as smart devices, Gaming systems and drones.

Course Content

  • Introduction –> 1 lecture • 3min.
  • Ram acquisition and analysis –> 3 lectures • 9min.
  • Windows registry forensics –> 5 lectures • 19min.
  • USB and Network connections –> 3 lectures • 9min.
  • Live Forensics –> 2 lectures • 10min.
  • Search Signatures –> 1 lecture • 2min.
  • Not traditional data sources evidence and strategies for acquisition and reports –> 4 lectures • 22min.
  • Testifying in a court of law –> 1 lecture • 6min.
  • Wrap up –> 2 lectures • 5min.

Advanced Computer Forensics

Requirements

  • Basic understanding of computer forensics in regard to the purpose and acquisition techniques..
  • We will be using mostly open source tools, such as RegRipper and FTK Imager which will be downloaded during the course.

This course is designed for people with a working knowledge of computer forensics but looking to go deeper into specific skill and techniques of the the field.  We cover techniques and examine devices that are more volatile or more difficult to access than a standard PC acquisition.  This is the third course following my pervious course Computer Forensics Fundamentals and Intermediated Computer Forensics.  While those course are recommended it is not required to take this course as they are independent in regard to topics taught.

Advanced Computer Forensics will provide:

  • Ram Acquisition and Analysis
  • Windows registry forensics
    • Hives and NTUSER.dat
  • USB and network connections
  • Live forensic acquisitions
  • Search Signatures
  • Non-traditional devices (Internet of Things), games systems, drones and camera systems
  • Testifying in a court of law

 

The course will consist of presentations to explain the concepts of computer forensics as well as demonstrations of proper software and collections of digital evidence, using primary open source or free software so that students can replicate the demonstrations on their own. Quizzes will reenforce the concepts.

This course is designed for anyone with an interest computer forensics to get a deeper taste of the real world of digital forensics examination.

As an advanced course it will consist of presentations, hands on lessons and quizs.

Get Tutorial