Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
ISACA Cybersecurity: Digital Forensics Online Course
The ISACA Cybersecurity: Digital Forensics Online Course provides learners with a deep understanding of the principles and best practices of digital forensics. Throughout this course, learners will step through the process of conducting a complete investigation. You’ll explore the legal and ethical considerations of digital forensics including the chain of custody. You’ll also gain practical experience through a series of real-world simulations and exercises taught through hands-on labs.
Provider Information
ISACA
1700 E. Golf Rd., Suite 400
Schaumburg, IL 60173
Course Overview
None
Learning Objectives
- Define digital forensics.
- Explain the evolution of networking and the purpose of digital forensics.
- Describe the unique challenges of collecting forensic evidence from networks.
- List the devices, media, and memory where evidence can be found.
- Explain the OSCAR methodology for collecting digital evidence.
- Explain laws applicable to digital forensics.
- Explain guidelines for collecting digital evidence for specific devices and networks.
- List guidelines for collecting and documenting evidence so that it is admissible in court.
- List physical and logical tools used in digital forensics.
- Explain how Kali Forensics is used to collect digital evidence.
- Describe tools such as Wireshark, Tshark, dumpcap, and tcpdump that work with Kali Forensics.
- Explain how case management software is used.
- Explain how imaging tools are used in an investigation.
- Describe the types of digital evidence and how they are stored.
- Document where and how evidence is collected.
- Describe how to establish and maintain a chain of custody.
- Explain high-level concepts related to digital imaging, such as tools, formats, size, and compression.
- Explain hashes and checksums.
- Explain what to do with damaged drives.
- Define remote access and remote forensics.
- Identify tools used in remote forensics.
- List the elements of a cyberforensic analysis.
- Describe types of drives.
- Explain partitions and volumes.
- Explain file systems.
- Recognize common antiforensic techniques.
- Recognize common file modifications that could indicate suspicious activity.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.