• Classroom
  • Online, Instructor-Led
  • Online, Self-Paced

EC-Council released the most advanced computer forensic investigation program in the world. This course covers major forensic investigation scenarios that enable students to acquire hands-on experience on various forensic investigation techniques and standard tools necessary to successfully carry-out a computer forensic investigation. Students will learn how to excel in digital evidence acquisition, handling, and forensically sound analysis. These skills will lead to successful prosecutions in various types of security incidents such as data breaches, corporate espionage, insider threats, and other intricate cases involving computer systems.

Learning Objectives

  • The computer forensic investigation process and the various legal issues involved
  • Evidence searching, seizing and acquisition methodologies in a legal and forensically sound manner
  • Types of digital evidence, rules of evidence, digital evidence examination process, and electronic crime and digital evidence consideration by crime category
  • Roles of the first responder, first responder toolkit, securing and evaluating electronic crime scene, conducting preliminary interviews, documenting electronic crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence, and reporting the crime scene
  • Setting up a computer forensics lab and the tools involved in it
  • Various file systems and how to boot a disk
  • Gathering volatile and non-volatile information from Windows
  • Data acquisition and duplication rules
  • Validation methods and tools required
  • Recovering deleted files and deleted partitions in Windows, Mac OS X, and Linux
  • Forensic investigation using AccessData FTK and EnCase
  • Steganography and its techniques
  • Steganalysis and image file forensics
  • Password cracking concepts, tools, and types of password attacks
  • Investigating password protected files
  • Types of log capturing, log management, time synchronization, and log capturing tools
  • Investigating logs, network traffic, wireless attacks, and web attacks
  • Tracking emails and investigate email crimes
  • Mobile forensics and mobile forensics software and hardware tools
  • Writing investigative reports

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cybersecurity Management
  • Exploitation Analysis
  • Incident Response
  • Risk Management

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.