This course focuses on building skills to improve the ability to piece together the various components of the digital investigation. The course begins with acquisition planning and preparation, progresses through the investigative process, and concludes with analysis techniques and methods for more manageable investigations.
- Develop an investigative process for the digital forensic investigation.
- Explain methods of focusing investigations through analysis of multiple evidence sources.
- Effectively prepare for incident response of both victim and suspect systems.
- Identify sources of evidentiary value in various evidence sources including network logs, network traffic, volatile data and through disk forensics.
- Identify common areas of malicious software activity and characteristics of various types of malicious software files.
- Confidently perform live response in intrusion investigation scenarios.