• Online, Self-Paced
Course Description

This course explores key aspects of digital forensics by looking at device usage while helping prepare learners for the Systems Security Certified Practitioner (SSCP) certification exam. In 13 videos, you will examine evidence gathering, chain of custody, data recovery, hard drive scrubbing, IP address tracking, and memory forensics. You will learn that a crucial aspect of digital forensics is the gathering of evidence in a lawful manner. Next, learners will examine how to determine when events occurred, when files were modified, when certain websites were accessed, and when messages were received. You will examine the chain of custody for preservation of evidence, and having a detailed account of gathering and handling evidence. This course demonstrates how to recover deleted data, and how to use a steganography tool to hide data in plain sight. You will examine memory forensics, a subset of digital forensics. This course then discusses the NIST (National Institute of Standards and Technologies) document publication 800-86. Finally, learn how to create a raw image of a hard disk drive.

Learning Objectives

This course explores key aspects of digital forensics by looking at device usage while helping prepare learners for the Systems Security Certified Practitioner (SSCP) certification exam. In 13 videos, you will examine evidence gathering, chain of custody, data recovery, hard drive scrubbing, IP address tracking, and memory forensics. You will learn that a crucial aspect of digital forensics is the gathering of evidence in a lawful manner. Next, learners will examine how to determine when events occurred, when files were modified, when certain websites were accessed, and when messages were received. You will examine the chain of custody for preservation of evidence, and having a detailed account of gathering and handling evidence. This course demonstrates how to recover deleted data, and how to use a steganography tool to hide data in plain sight. You will examine memory forensics, a subset of digital forensics. This course then discusses the NIST (National Institute of Standards and Technologies) document publication 800-86. Finally, learn how to create a raw image of a hard disk drive.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Operational Planning
  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Digital Forensics
  • Executive Cyber Leadership
  • Systems Analysis
  • Systems Development
  • Threat Analysis
  • Vulnerability Assessment and Management