Training Course:EnCase v6 Computer Forensics II (Certificate)School/Trainer:Dimension Data Learning Solutions
Adelaide, Brisbane, Canberra, Melbourne, Perth, Syndey, Australia
Course Format: Classroom | E-learning | Virtual Class | Online | On-site | Blended | Self-paced
Course Description:
'' This live, hands-on course is designed for investigators with strong computer skills, prior computer forensics training and experience using the EnCase forensic software. This course builds upon the skills covered in the EnCase Forensics I course and enhances the examiner’s ability to work efficiently through the use of the unique features of EnCase.
Students must understand evidence handling; the structure of the evidence file; creating and using case files; data acquisition methods including DOS based, hardware write protected, crossover cable and disk to disk; recovering deleted files and folders in a FAT environment; keyword searches across logical and physical media; creating and using EnCase bookmarks; file signatures and signature analysis; and locating and understanding Windows® artifacts.
Skills Gained: After attending the EnCase Comptuer Forensics II course, you will have a clear understanding of how to evaluate relevant evidence on a computer system via common types of media, identify and bookmark files and perform export and recovery activities.
You will also have an indepth understanding of the "EnCase Computer Forensic Methodology".
Key Topics: Day one provides an understanding of EnCase concepts. Students will learn how an evidence file is acquired, verified, added to a case, and stored. They will learn how to create and use logical evidence files and single evidence files. Students will receive hands-on imaging training using FastBloc SE.
* How the EnCase Evidence File is Stored and Verified
* Encase Forensic Edition Overview
* Logical Evidence Files
* Single Evidence Files
* Software Write Protection
* Introduction to NTFS
* Handling Formatted or Repartitioned Media
* Partition recovery
Day two introduces the students to the process of analyzing the evidence. The hashing of files both as a means of identification and as a tool to speed up the searching process is covered. Students also take a first look into the Windows Registry and learn how, why and when to use VFS and PDE. We continue to build on the students�skill sets, moving from general keyword searches and file type analysis to advanced keyword searches using GREP.
* Hash Analysis
* Compound files
* Windows Registry
* VFS / PDE
* Using GREP to focus searches. GREP allows the examiner to create concise keywords using control characters, reducing false positives and increasing efficiency.
Day three moves to specific analysis of common artifacts that cannot normally be located through keyword searches. This analysis can often provide vital information to investigations by revealing data that can provide a clear indication of a user’s activities. We look at how EnCase handles common e-mail files and Internet history.
* Quickly locating file system artifacts unique to the NTFS file system
* De-constructing link files to reveal artifacts that indicate the who, what, when and where of file manipulation.
* E-mail recovery and examinations including Microsoft Outlook, Outlook Express and web based e-mail.
* Recovering and analyzing e-mail attachments
* Internet history concepts and analysis using Internet Explorer
* Understanding and recovering documents that have been printed
* Recycle Bin analysis to reveal important information about deleted files
On day four students learn how to utilize all of the techniques from the previous days to create a readable, coherent report using EnCase.
* Handling and acquiring Flash Memory and artifacts
* Reporting
...''
Elements of this syllabus are subject to change.
Please go to the school's official website for training price and schedule:
http://www.ddls.com.au/
Phone:13 12 01 / 08 8236 8200
School Address:
Level 7
553 Hay St
Perth WA 6000
Level 4, PKF House
139 Frome St
Adelaide 5000
Level 10, Thakral House
301 George St
Sydney 2000
Level 3, Dimension Data Building
11-17 Dorcas St
South Melbourne 3205
Level 12
307 Queen St
Brisbane 4000
Jobs & Resumes: Adelaide, Brisbane, Canberra, Melbourne, Perth, Syndey
Houses & Roommates: Adelaide, Brisbane, Canberra, Melbourne, Perth, Syndey
Travel Agencies: Brisbane, Melbourne, Perth,
Search other schools for EnCase v6 Computer Forensics II training resources.
Other training courses offered by Dimension Data Learning Solutions:
Citrix XenApp (Presentation Server 4.5): Support
Citrix Access Suite 4.0: Build/Test Workshop
CompTIA A+ Certification Essentials Support Skills
CompTIA A+ Certification Electives
Practical Digital Evidence Gathering
EnCase v6 NTFS
EnCase v6 Network Intrusion Investigations
EnCase v6 Advanced Internet Examinations
EnCase v6 Advanced Computer Forensics
EnCase v6 Computer Forensics I
EnCase v6 FIM/Mobile Use of EE Live Forensics
D8750/760/770 IBM Lotus Domino R8 - System Administrator
D8720 Exploring New Features in IBM Lotus Domino 8 Administration
Exploring New Features in IBM Lotus Domino Designer 8
Fundamentals of IBM Lotus Domino 8 Application Development
Building Web Applications with IBM Lotus Domino Designer 8
Using LotusScript in IBM Lotus Domino 7 Applications
ITIL v2-v3 Bridging
Notice: The course description on this page was captured from the Internet as historical reference or submitted by visitors. It was archived statically and not updated from day to day.
Tips:
Our combined search function does not only provide you with the training courses and students, but also talent resumes and jobs, or shared apartments nearby for rent. |
|
|
