Digital Intelligence offers a wide range of training covering topics at the introductory level through the advanced level. We have established a concise track of courses that will help lay the foundation for any digital forensic or eDiscovery practitioner. Additionally, we have designed courses that highlight specific areas of interest in digital forensics. We are also proud to have partnerships with some of the most popular and regarded forensic software allowing specific vendor training to be offered.
The Digital Forensics with FRED course is designed for Forensic Examiners,
eDiscovery Specialists and First Responders. This one day training is highlights
all of the features of the FRED forensic workstation as well as provide a basic
foundation needed to utilize the equipment to complete a forensic preview,
triage or duplicate copy. The course also covers optimal configuration and
installation locations for the most popular digital forensic software along with
maintenance and troubleshooting for the FRED.
The First Stop in digital forensic training. The course covers the fundamentals of digital forensics from the seizure of the equipment to the forensic duplication process. A foundation in hardware recognition, computer data and Windows based file systems are also covered. This course is a must for a new forensic investigator, eDiscovery specialist or a first responder.
Primary locations of forensic artifacts on a Windows based machine or media. Lessons provided on topics such as; Partitioning, Recycle Bin, Registry, Thumbnails and Thumbs.db and date/time concepts for Windows XP, Vista and 7. Basics of email, Internet artifacts, and Link files are also covered.
Analysis and identification of artifacts left on a machine from the most commonly utilized Internet applications. Internet Explorer, Firefox and Google Chrome browsers are examined along with several popular instant messenger programs such as Yahoo and SkyPE. Email basics and analysis of Windows Live Mail and Outlook round out the topics of this course.
Introduction to the functionality of RAM and a variety of analysis topics. Manual recovery of actionable data, techniques to conduct a malware analysis, utilizing EnScripts to automate the analysis of memory and decompression and analysis of the Windows hiberfil.sys file are the foundations of this course. Use of the latest memory collection and analysis software will be utilized during this hands on intensive training.
The VPER course offers the student a combination of the Digital Forensic Intermediate and EnCase forensics with version 7.X. This 4 day course will not only provide the attendee with an all around knowledge of EnCase, but also the foundation in the digital forensic topics covered.
This course satisfies the education portion of the EnCE® requirement.
A combination of the Digital Forensics with FRED and EnCase 7.X boot camp. EnCase 6.X is available upon request for custom training.
This course satisfies the education portion of the EnCE® requirement.
SPECIALIZED TRAINING COURSES SCHEDULED FOR 2012
CRYPTOGRAPHY FUNDAMENTALS Encryption and Decryption (Advanced)
Advanced level course focuses on the fundamentals of cryptography giving the attendee an understanding of the challenges faced when encountering encrypted data during forensic examinations. The class will initially concentrate on the foundations of cryptographic schemes followed by targeted attention on typical encryption models used in today’s software applications. Using a variety of open source and vendor tools students will learn of the best practices to gain access to encrypted and hidden data using accepted methodologies.
ADVANCED FILE SYSTEM ANALYSIS
Advanced level, hands-on intensive course is intended for existing computer forensic investigators who are looking to increase their knowledge on file system organization and advanced data recovery techniques on NT based systems. Additionally, the advanced Windows exFAT file system will be reviewed and contrasted with the traditional FAT systems. This course is designed to expand the student’s knowledge of forensic artifacts from Windows based machines for XP, Vista and Windows 7 platforms.
