CA flag CA
888-843-8733
888-843-8733

Computer Forensics Boot Camp Training

Course 2075

  • Duration: 5 days
  • Language: English
  • Level: Intermediate

Learn how to investigate cybercrime! This boot camp goes in-depth into the tools, techniques and processes used by forensics examiners to find and extract evidence from computers.

Infosec’s Computer Forensics Boot Camp teaches you how to identify, preserve, extract, analyze, and report forensic evidence on computers. You will learn about the challenges of computer forensics, walk through the process of analysis and examination of operating systems, and gain a deep understanding of differences in evidence locations and examination techniques on Windows and Linux computers.

More than 30 hands-on labs simulating a real cybercrime investigation provide you with practical experience using commercial and open- source forensic tools. The boot camp also prepares you to become a Certified Computer Forensics Examiner (CCFE).

Students must have no criminal record. Basic computer skills, including the ability or desire to work outside the Windows GUI interface, are necessary. A+ certification and/or similar training and experience is not required, but recommended.

This is a very in-depth training course and is not intended for individuals who have limited or no computer skills.

  • Law enforcement professionals looking to expand into computer crime investigations
  • Legal professionals
  • IT and information security professionals being tasked with corporate forensics and incident handling
  • Anyone with a desire to learn about computer forensics and develop their skills

Computer Forensics Training Course Delivery Methods

  • Train your whole team by bringing this course to your facility

    • In-Person
    • Online

Computer Forensics Training Course Informartion

  • In this course, you will:

    • Understand the provisions of IT law.
    • Understand complex technical forensics concepts.
    • How to apply forensics concepts to forensic investigations.
    • Handle evidence (procedures and rules).
    • Use a range of computer forensics toolsAcquire forensic evidence.
    • Locate forensic artifacts in various operating systems.
    • Analyze extracted evidence and properly report findings.
    • Track an offender on the internetWork with law enforcement.
    • Design an incident response strategy.

  • Prerequisites

    Students must have no criminal record. Basic computer skills, including the ability or desire to work outside the Windows GUI interface, are necessary. A+ certification and/or similar training and experience is not required but recommended.

    This is a very in-depth training course and is not intended for individuals who have limited or no computer skills.

Computer Forensics Training Course Outline

Course introduction
  • Computer forensics and investigation as a profession
  • Define computer forensics
  • Describe how to prepare for computer investigations and explain the difference between law enforcement agency and corporate investigations
  • Explain the importance of maintaining professional conduct
  • Digital evidence — legal issues
  • Identifying digital evidence
  • Evidence admissibility
    • Federal rules of evidence
    • Daubert standard
  • Discovery
  • Warrants
    • What is seizure?
    • Consent issues
  • Expert witness
  • Roles and responsibilities
  • Ethics
  • (ISC)²
    • AAFS
    • ISO
Investigations
  • Investigative process
  • Chain of custody
  • Incident response
  • E-discovery
  • Criminal vs. civil vs. administrative investigations
  • Intellectual property
    • Markman hearing
  • Reporting
  • Quality control
    • Lab and tool
    • Investigator
    • Examination
    • Standards
  • Evidence management
    • SOPS
    • Collection
    • Documentation
    • Preservation
    • Transport/tracking
    • Storage/access control
    • Disposition
  • Current computer forensics tools and hardware
    • Commercial
    • Free/open source
Forensic science fundamentals
  • Principles and methods
    • Locard’s Principle
    • Inman-Rudin Paradigm
    • Scientific method
    • Peer review
  • Forensic analysis process
Hardware
  • Storage media
    • Hard disk geometry
    • Solid state drives
    • RAIDS
  • Operating system
    • Boot process
    • BIOS/CMOS
    • The Swap File
File systems
  • File systems
    • NTFS file system
    • FAT file system
    • HFS+
    • Ext2/3/4
    • Embedded
  • Erased vs. deleted
  • Live forensics
File and operating system forensics
  • Keyword searching
  • Metadata
  • Timeline analysis
  • Hash analysis
  • File signatures
    • File filtering (KFF)
  • Volume Shadow Copies
  • Time zone issues
  • Link files
  • Print spool
  • Deleted files
    • Recycle bin forensics
  • File slack
  • Damaged media
    • Physical damage
    • Logical damage
    • File carving
  • Registry forensics
    • USB devices
    • HKLM
  • Multimedia files
    • EXIF data
  • Compound files
    • Compression
    • Ole
    • AD
    • Passwords
Web and application forensics
  • Common web attack vectors
    • SQL injection
    • Cross-site scripting
    • Cookies
  • Browser artifacts
  • Email investigations
    • Email headers
    • Email files
  • Messaging forensics
  • Database forensics
  • Software forensics
    • Traces and application debris
  • Software analysis (hashes, code comparison techniques, etc.)
  • Malware analysis
  • Malware types and behaviors
  • Static vs. dynamic analysis
Network forensics
  • TCP/IP
    • IP addressing
    • Proxies
    • Ports and services
  • Types of attacks
  • Wired vs. wireless
  • Network devices forensics
    • Routers
    • Firewalls
    • Examining logs
Packet analysis
  • OS utilities
    • Netstat
    • Net sessions
    • Openfles
  • Network monitoring tools
    • SNORT
    • Wireshark
    • NetworkMiner
Anti-forensics
  • Hiding
  • Encryption
    • Symmetric
    • Asymmetric
    • TrueCrypt hidden partitions
  • Steganography
  • Packing
  • Hidden devices (NAS)
  • Tunneling/Onion routing
  • Destruction
    • Wiping/overwriting
    • Corruption/degaussing
  • Spoofing
    • Address spoofing
    • Data spoofing
    • Timestomping
  • Log tampering
  • Live operating systems
New & emerging technology
  • Legal issues (privacy, obtaining warrants)
  • Social networks forensics
  • Types of social networks
  • Types of evidence
  • Collecting data
  • Virtualization
  • Virtualization forensics
  • Use of virtualization in forensics
  • Cloud forensics
  • Types of cloud services
  • Challenges of cloud forensics
  • Big data
  • Control systems and IOT
Mobile forensics introduction
  • Types of devices
  • GPS
  • Cell phones
  • Tablets
  • Vendor and carrier identification
  • Obtaining information from cellular provider
  • GSM vs. CDMA
  • Common tools and methodology
Select Commercial or Government Pricing

$5,797
  • 5-day instructor led training course

  • Official Infosec proprietary digital courseware

  • Computer forensics pre-study course

  • 30+ hands-on labs included

  • CCFE exam voucher included

  • After-course instructor coaching included

Would you like to take this course as a team?
  • Jun 8 - 12 9:30 AM - 5:30 PM EDT
  • Sep 14 - 18 9:30 AM - 5:30 PM EDT

$5,797
  • 5-day instructor led training course

  • Official Infosec proprietary digital courseware

  • Computer forensics pre-study course

  • 30+ hands-on labs included

  • CCFE exam voucher included

  • After-course instructor coaching included

Would you like to take this course as a team?
  • Jun 8 - 12 9:30 AM - 5:30 PM EDT
  • Sep 14 - 18 9:30 AM - 5:30 PM EDT
Speak with a Learning Consultant
* Required Fields
Speak with a Learning Consultant

Fill out the form below or call 888-843-8733

* Required Fields

Need Help Finding The Right Training Solution?

Our training advisors are here for you.

Contact Us

Computer Forensics Training Course FAQs

  • Law enforcement professionals looking to expand into computer crime investigations
  • Legal professionals
  • IT and information security professionals being tasked with corporate forensics and incident handling
  • Anyone with a desire to learn about computer forensics and develop their skills

Yes! We know your busy work schedule may prevent you from getting to one of our classrooms which is why we offer convenient online training to meet your needs wherever you want. This course is available in class and live online.

Related Courses

  • EC-Council
    CHFI Certification - Computer Hacking Forensic Investigator Training CHFI v11

    Attend this computer hacking forensic investigator certification course to get prepped to successfully pass the EC-Council ECO-312-49.

    Intermediate
    5 days
    Online or In-class
    Starts from $3,992
  • Learning Tree
    Introduction to Cybersecurity - A Starter Guide

    In this Introduction to Cybersecurity course, you'll learn to assess your environment, identify needs & enumerate critical elements of security awareness.

    Foundation
    1 day
    Team Training