When investigators are tasked with an internet based investigation, many forget the potential wealth of intelligence and information that is already held within their organisations corporate memory on subjects or their associates. For years, Law Enforcement have been seizing digital devices each time a suspect is arrested. Do we ever return to these devices to investigate and exploit them for their intelligence worth? This course gives you the skills to do just this.
This course is aimed specifically at those investigators and operatives who are engaged and active in investigations and want to enhance the quality of data they can obtain from a user’s interaction and communication on the internet. It will enable them to examine digital product to enhance internet investigations. This course will also look how to identify passwords on a Windows or Linux based machine and server and how to decrypt these passwords.
In order to target the internet browsing data and passwords, it is important to understand a few fundamentals about digital forensic techniques, specifically the architecture of where data is stored on different platforms and more importantly, how it is stored and apply forensic principles (ACPO/NPCC) when interacting with this type of data.
This course has been designed and implemented in order to provide investigators with the capability and insight enabling them to perform their own basic forensic examination of data types related to internet browsing, providing an insight into user activity on web browsers. This will provide an overall product which can provide further intelligence into every investigation which encounters the internet.
• Gain Knowledge and understanding into how to interact with data using a digital forensic approach whilst complying to the ACPO/NPCC core principles
• Have an understanding of how to use forensic tools to examine a machine and interpret internet related data in a human readable format
• Examine and locate usernames and encrypted passwords located on both Linux and Windows machines and how to use tools to decrypt them
• Build a working understanding of the “best practice” for digital data to ensure that no changes are made by interacting with the data
• Enhance knowledge in how operating systems store data and why data that is “deleted” may not be deleted after all
• Digital forensic knowledge on file systems and operating systems
• Best practice methodologies and strategy in relation to digital forensic examinations
• Practical exercises
• Review of open source and free to use digital forensics tools which will enhance investigations
• Student exercise to cement course learning points
1 day of classroom study
Dates and Venues:
Please contact us for details