This module covers the fundamentals of digital forensics. Topics will include historical issues, key concepts, and tools and techniques of the trade. In addition, reporting methods will be discussed. Various open-source tools will be used in the lab portion of the module.
Learning Objectives
Discuss data investigation types, Implement USB write-blocking via Windows Registry, Perform data acquisition by using appropriate tools to collect digital evidence from electronic media, List and describe the different operating Systems disk and file structures, Apply forensics techniques to investigate and analyze a device, Perform digital forensics analysis upon Windows operating system, Describe the methodologies used in host forensics, Discuss and use various digital forensic tools, Analyze and carve image files, Describe the steps in performing digital forensics from the initial recognition of an incident through the steps of evidence gathering, preservation and analysis, through the completion of legal proceedings, Write and prepare forensic reports
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.