• Classroom
Course Description

The new updated H-11 Advanced ISP–EDL–JTAG Cell Phone Data Recovery is a certified 5-day course where students learn how to recover mobile data from embedded systems that are locked, damaged or unsupported. This recovery method works on newer devices that store data on eMMC or eMCP flash memory chips and recovered through the device’s test points. Students will also learn how to properly identify test points and then create ISP pin-out diagrams that can be used for future digital forensic cases. Students will also learn how to use EDL to bypass device locks and encryption and identify JTAG connections. These techniques and methods are used in order to bypass security and perform full memory acquisitions for complete analysis of evidence. This course will use, and cover tools included in the H-11 ISP–EDL–JTAG Forensics Lab Kit.

Learning Objectives

Skills Learned

,Learning Objectives ,

  • Overview and Flash Memory
  • Phone Research
  • Binary Image Types, Analysis and Troubleshooting
  • Soldering
  • Origin and Purpose of JTAG
  • JTAG for Mobile Forensics
  • ISP for Mobile Forensics
  • Tracing ISP Test Points
  • Flasher Box Extractors - Medusa Pro Software
  • IoT and EDL Extractions
  • Final ISP, EDL, IoT, and JTAG Written and Hands-on Exam

    Framework Connections

    The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

    Specialty Areas

    • Digital Forensics
    • Cyber Investigation
    • All-Source Analysis
    • Exploitation Analysis
    • Threat Analysis

    Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.