Digital Forensics & Cyber Investigation (Hands-On)
* The Most Comprehensive Forensic Investigation Course Ever Taught *
* and Become a Certified Forensics Analyst *

| Sessions / Hours | 10/30 (hrs) |
| Time | 7:00pm - 10:00pm |
| Language | Cantonese with English Terms |
| Tutor | Over 14 years of InfoSec experience |
| Pros | Over 30 CISSP/CISA/CISM CPE Hours; Earn GCFA in one course |
Unique Course Features
In this 30-hour course, the elements of a successful digital forensic investigator are addressed comprehensively. Specifically, this course features:
- Strong emphasis on both conceptual and technical forensics skills to prepare you to become an effective forensics investigator
- In-depth discussions of the internals of common file systems, the secrets of acquiring data from host, network and embedded devices, and the techniques for analyzing different OS platforms and embedded devices
- Hands-on exercises in mastering numerous investigation tools, investigating various real-world compromised systems, and analyzing unknown hacker tools and suspicious network traces
- Course led by qualified and knowledgeable i-Total instructors with over 14 years of pure information security experience
Course Outline
For comprehensive coverage of the examination curriculum, we structure this course into 4 modules with a total of 39 contact hours. Details about individual modules are given below.
Module 1: Incident Handling and Computer Forensics
In this module, the overall incident handling and computer forensics processes are discussed. Step-by-step instructions on how an organization can develop incident handling and forensics capabilities from the ground up will be walked through.
A number of real-world case studies will be examined and discussed to illustrate how to identify computer attackers, and to provide valuable information on the steps students can take to improve the chances of catching and prosecuting attackers.

Module 2: Acquisition of Digital Evidence (Hands-On*)
After substantiating the suspected incident, an investigator may need to acquire evidence in a forensically sound manner in order to determine what happened and how the case might be resolved.
As hard disks are the most significant containers of evidence, we start this module with in-depth discussions of both the logical and physical configuration of hard disks and file systems. Then the focus shifts to collecting volatile and permanent data from hosts, network, embedded, and non-technical devices. Finally, details on documenting, authenticating, and handling the digital evidence collected will be covered.
Hands-on practice will be provided to let participants understand in great detail how to collect volatile data, perform forensic duplications and conduct network surveillance.

Module 3: Analysis of Digital Evidence (Hands-On*)
This is the meat of computer forensics. In this module, we will detail the procedures for analyzing and interpreting the acquired information so as to draw valid conclusions to assist the incident investigation and its resolution.
Firstly, generic techniques applicable to all forms of forensic investigations are discussed. Then, detailed sets of evidence steps that are specific to Windows, Unix, Linux, Solaris, Mac OS X, routers, PDAs, cell phones and various application servers will be provided and practiced. Furthermore, skills presentations and hands-on exercises for analyzing network traffic, determining the functionality of unknown binaries, and interpreting the clues inside Internet messages will be arranged. Upon completion of this module, you will start becoming an Internet detective, using standard Internet services to perform local and remote investigations.

Module 4: Investigation Reporting and Legal Issues
Following vast efforts on evidence acquisition and investigation, the next natural step is to write up a forensic report documenting your findings and conclusions. In this module, some general guidelines for writing a good forensic report will be outlined. In addition, legal issues and implications pertaining to computer forensics are discussed.
* To get the most value out of the course, students are required to bring their own notebook computer.
Venue
7D, Trust Tower, 68 Johnston Road, Wan Chai, Hong Kong
*Course provider reserves the right to modify the schedule as required.
Course Fee
Lectures (30 Hours) =
Timway
Special Price for Early Bird: HK$6,980
Early bird price: enroll 1 week before course commencement.
Course Leader
Mr. Gamin Lou, CISSP, CISA, CISM, CEH, has over 14 years of experience in information systems security governance and practices. Before joining as a security consultant, he worked in various global and local financial institutes and was responsible for managing overall information security programs, implementing and monitoring perimeter security and intrusion detection systems, as well as responding to and investigating security incidents for the organizations.
For enquiries, please call (24-hour hotline): (852) 2549 7978