MMSCYBER001: Advanced Computer Forensics (3 Days)

Course Description

As cybercrime continues to be a major threat to modern technology, it is essential to be versatile and responsive when threats arise in your cyber environment. This Advanced Forensics course is designed to cover the full 360-degree lifecycle of how to identify and manage breaches, collect evidence and manage threats.

This accelerated program is intended for users who are interested in the computer forensics industry and want to expand their knowledge of complex technical methodologies and IT law. The training covers both Windows and Linux operating systems and addresses a wide variety of topics, including securing communications with encryption and cryptography, the different types of forensics, the fundamentals of data structures, processes in memory, networking and operating system services, and more.

With an eye to law enforcement and first responders, this course covers capturing and extracting data correctly, and making sense of what happened and who was responsible. Students will learn how to correctly collect evidence and present their findings. Participants will master the strategies and procedures needed to efficiently resist any form of threat.

After completing this course, students will be able to:

  • Manage a breach and recognize the legalities behind it
  • Understand anti-forensics using Cryptography
  • Acquire the Fundamentals of Memory Forensics
  • Examine Windows Services
  • Collect Evidence
  • Hunt Malware in Process Memory
  • Analyze Windows Process Management
  • Acquire Skills for Linux Forensics


Course Outline

Module One: Breaches

  1. What Constitutes an Incident
  2. What Constitutes a Breach
  3. Preserving Evidence of Cyber Crime
  4. Managing a Breach
  5. Legal Issues

Module Two: Antiforensics

  1. Anti-Forensics Overview
  2. Secure communication
    1. Cryptography

Module Three: Memory Forensics

  1. Operating Systems Concepts
  2. Fundamentals of Data Structures
  3. The Volatility Framework
  4. Memory Acquisition
    1. Software tools

Module Four: Windows Memory Forensics

  1. Windows Objects and Pool Allocation
  2. Windows Process Management
  3. Process Memory Internals
  4. Hunting Malware in Process Memory
  5. Event Logs
  6. Registry in Memory
  7. Windows Networking and Services
  8. Windows Services
  9. Kernel Forensics and Rootkits

Module Five: Linux Memory Forensics

  1. Linux Memory Acquisition
  2. Linux Operating System
  3. Processes and Process Memory
  4. System Artifacts
  5. File Management
  6. Log Analysis
  7. Rootkits
  8. Case Study of Phalanx2

Module Six: Collecting Evidence

  1. Search and Seizure
  2. Chain of Custody
  3. Admissibility of Evidence in a Court of Law
  4. Leave no Trace
  5. Common Tasks
  6. Capturing the Data Image
  7. Cloning
  8. Log Files

Module Seven: Network Forensics

  1. Network Basics
  2. Network Security Tools
  3. Network Attacks
  4. Seek and Destroy
  5. Incident Response
  6. Network Evidence and Investigation

Module Eight: Future Challenges

  1. Future Challenges
  2. Mac Memory Forensics
  3. Cloud Forensics
  4. Mobile Device Forensics