This course explores more advanced topics and methodologies for examining digital evidence. Topics taught in this class include File System Forensics, Computer Operating System Forensics and Mobile Device Forensics. Students are challenged to work individually and in groups to examine and prepare detailed reports showing the relevance of digital evidence to mock cases. This course presents a higher level of technical detail and will balance theory and hands-on aspects for conducting digital forensic examinations.
Learning Objectives
- Communicate the role of digital forensics in a criminal investigation.
- Demonstrate the ability to perform a basic digital forensic analysis using computer and network-based tools.
- Communicate the underlying concepts of how data are stored on computers and the general structure of the Internet.
- Evaluate current industry best-practices to the analysis of some hypothetical and real case scenarios.
- Identify professional resources available to the digital forensics examiner.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Network Services
- Vulnerability Assessment and Management
- Digital Forensics
- Cyber Investigation
- Collection Operations
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.