About this Course
A one day training course aimed at IT staff that may have to deal with cyber security threats. The course will provide the candidate with an explanation of what is computer forensics and the techniques regularly employed by computer forensic investigators. The candidate will be trained how to respond to cyber security threats and how to preserve the electronic data in an evidently sound manner using a basic forensic tool.
The EC-Council’s Network Security Administrator certification looks at the network security in defensive view while the CEH certification program looks at the security in offensive mode. The ENSA program is designed to provide fundamental skills needed to analyze the internal and external security threats against a network, and to develop security policies that will protect an organization’s information. Students will learn how to evaluate network and Internet security issues and design, and how to implement successful security policies and firewall strategies. In addition, they will learn how to expose system and network vulnerabilities and defend against them.
Who should attend?
Course Level: The course is aimed at IT teams that have no knowledge or limited knowledge in relation to computer forensics and computer forensics techniques.
The course will cover the following subjects:
- FTK Imager
- About the Course
- Installing FTK Imager Highlights from the 2014 Global Economic Crime Survey
- Exercise – Previewing Hard Drive
- What is Computer Forensics?
- Exercise – Creating Forensic Image
- Sources of Evidence
- Exercise – Creating Custom Content Forensic Image
- Why is Computer Forensics Important to your Organisation?
- Mounting a Forensic Image
- The Four Principles of Computer Based Evidence
- Exercise – Mounting a forensic Image
- The Forensic Image
- Memory Capture
- Cloned Drives
- Exercise 5.0 – Capturing RAM Memory
- The Four Levels of Computer Data
- USB Forensic Bootable Hard Drives
- The Unallocated Space
- Exercise 6.0 – Using USB Bootable Drive
- Types of Data
- Incident Response
- Hash Values
- Responding to Incidents
- Dates and Times
- Incident Response Plan
- Previewing Computer versus Forensic Image
Email : [email protected]