
Network Forensics

SS Course: 2001231

Course Overview

This course teaches students how to recognize a hacker's tracks and uncover network-based evidence. The hands-on exercises include carving suspicious email attachments from packet captures, using flow records to track intruders, analyzing real-world wireless encryption-cracking attacks, reconstructing a suspect's web surfing history, uncovering DNS-tunneled traffic, and dissecting the Operation Aurora exploit.

What You'll Learn

Participants will do the following:

  • Identify the role of computer forensics in responding to crimes and solving business challenges
  • Examine system forensics issues, laws, and skills
  • Examine the purpose and structure of a digital forensics lab
  • Examine the evidence life cycle
  • Procure evidence in physical and virtualized environments
  • Examine the impact of sequestration on the evidence-gathering process
  • Collect evidence in network and e-mail environments
  • Examine automated digital forensic analysis
  • Report investigative findings of potential evidentiary value
  • Examine the constraints on digital forensic investigation

Outline

Module 1: Introduction to the Field and Background

  • Introduction to Forensics
  • Overview of Computer Crimes
  • Lab: Applying the Daubert Standard to Forensic Evidence
  • Forensics Methods and Labs
  • Trends and Future Directions

Module 2: Tools and Methods

  • System Forensic Resources
  • Lab: Documenting a Workstation Configuration Using Common Forensic Tools
  • Collecting, Seizing, and Protecting Evidence
  • Lab: Uncovering New Digital Evidence Using Bootable Forensic Utilities

Module 3: Types of Forensics

  • Email Forensics
  • Lab: Analyzing Images to Identify Suspicious or Modified Files
  • Windows Forensics
  • Recognizing the Use of Steganography in Image Files
  • Linux Forensics
  • Lab: Automating Email Evidence Discovery Using P2 Commander
  • Macintosh Forensics
  • Mobile Forensics
  • Lab: Decoding an FTP Protocol Session for Forensic Evidence
  • Performing Network Analysis
  • Lab: Identifying and Documenting Evidence from a Forensic Investigation
  • Incident and Intrusion Response
  • Lab: Conducting an Incident Response Investigation for a Suspicious Login

Prerequisites

Before attending this course, students should have:

  • Minimal experience in the IT field, specifically in IT security
  • Understanding of networking concepts and best security practices
  • CompTIA Network+, Security+, EC-Council CEH certifications, or equivalent experience and knowledge

Who Should Attend

This course is beneficial for:

  • Police and Law Enforcement
  • Military and DoD Personnel
  • E-Business Security Professionals
  • Network and System Administrators
  • Legal Professionals
  • Insurance Professionals
  • Banking Professionals
  • IT Managers
  • Government Agency Professionals
