Advanced Computer Forensics

SEC-301

InfoSec Institute’s Authorized Computer Forensics Boot Camp prepares you for advanced computer forensics skills, involving a deep dive into volatile memory, registry artifact, file structure and rootkit analysis. 60% of this boot camp is hands-on training!

Advanced forensics training in the best format for you!

Mentored Online Course

View Instant Pricing Below Train at your own pace + mentor on demand

  • Expert Advanced Forensics Instruction
  • Lab Book, Text Book, Pre-Study Book
  • InfoSec Advanced Forensics Toolkit
  • Volatile Memory Analysis
  • Advanced File System Analysis
  • Volume Shadow Copy Analysis
  • Hands-on forensics labs
  • Live Instructor Support
  • Lab Book, Text Book, Pre-Study Book
  • Multipart labs with take home files
  • Group Activities and Live Test Prep
  • Evening Live Case Exercises
  • Meals, snacks and refreshments
  • Optional hotel sleeping room
  • Training at Training Facility
  • Live Online Laptop Shipped To You

Live Online Participate with a live classroom

View Instant Pricing Below As close to our classroom as you can jetport your home computer

  • Expert Advanced Forensics Instruction
  • Lab Book, Text Book, Pre-Study Book
  • InfoSec Advanced Forensics Toolkit
  • Volatile Memory Analysis
  • Advanced File System Analysis
  • Volume Shadow Copy Analysis
  • Hands-on forensics labs
  • Live Instructor Support
  • Lab Book, Text Book, Pre-Study Book
  • Multipart labs with take home files
  • Group Activities and Live Test Prep
  • Evening Live Case Exercises
  • Meals, snacks and refreshments
  • Optional hotel sleeping room
  • Training at Training Facility
  • Live Online Laptop Shipped To You

Boot Camp Classroom

Our Most Popular 5-Day Course

View Instant Pricing Below Invaluable hands-on training in a classroom

  • Expert Advanced Forensics Instruction
  • Lab Book, Text Book, Pre-Study Book
  • InfoSec Advanced Forensics Toolkit
  • Volatile Memory Analysis
  • Advanced File System Analysis
  • Volume Shadow Copy Analysis
  • Hands-on forensics labs
  • Live Instructor Support
  • Lab Book, Text Book, Pre-Study Book
  • Multipart labs with take home files
  • Group Activities and Live Test Prep
  • Evening Live Case Exercises
  • Meals, snacks and refreshments
  • Optional hotel sleeping room
  • Training at Training Facility
  • Live Online Laptop Shipped To You

Advanced Computer Forensics Course Overview


COURSE LENGTH:
5-DAY
CERTIFICATIONS:
CCFE


InfoSec Institute is proud to offer the Computer Forensics Boot Camp. Accelerated and taught in five (5) days, this in-depth course teaches you advanced computer forensics concepts. This course is intended for those that have either taken the InfoSec Institute Computer Forensics Boot Camp, or have experience in the computer forensic profession.    

The most current, up-to-date hands-on forensics training available anywhere!

  • Proven Track Record—We have trained more computer forensics examiners than any other training company
  • Expert instructors, with PROVEN field experience (authors, ex-law enforcement, pioneers in the field)
    • We take pride in saying that all of our instructors are active and experienced at producing forensics work that is admissible in court
  • 60% of Boot Camp is Hands On Training
  • Our program includes the opportunity to take the CCFE on-line exam, as well as training towards the successful completion of the practical component
  • You will learn the core forensics procedures necessary for performing thorough investigations on all computer systems and file types.
  • Possibility to include a fully licensed version of Paraben’s P2 Commander in specific student registration packages (P2 commander is not available on all registration packages).

 

 

 

 

  • Most Advanced Forensics Course Available
  • Hands-on labs with live casework focus
  • Expert instruction from forensic experts
"I was blown away by the instructor's knowledge and expertise. ... Would recommend to anyone"

Connie Brown

United States Air Force

What You'll LEARN

Already know how to acquire forensically sound images? Perform file carving? Take your existing forensic knowledge further and sharpen your skills with this Advanced Computer Forensics Boot Camp from InfoSec Institute.

Upon the completion of our Advanced Computer Forensics Boot Camp, students will know how to:

  • Apply advanced computer forensic analysis concepts to live case work
  • Respond appropriately to immediate response situations
  • Perform Volume Shadow Copy (VSC) analysis
  • Advanced level file and data structure analysis for XP, Windows 7 and Server 2008/2012 systems
  • Registry analysis for XP and Windows 7/8 systems
  • Malware detection and analysis
  • Timeline Analysis
  • Windows Application Analysis
  • Mobile Forensics

Prerequisites

Students must have no criminal record. Computer forensic skills, including the ability or desire to work outside the Windows GUI interface, are necessary.

 

This is a very in depth training course and is not intended for individuals who have limited or no computer forensics skills.

 

 

Dates & Locations

Dates Location Reserve a Seat!
-Dulles, VA Reserve a Seat
-Live Online, Reserve a Seat
Any Date Your Office!
Get Information for On-Site Training



Advanced Computer Forensics Review By Anne Mariano
Rating: 5 out of 5.

The content of InfoSec Institute’s CCFE/Computer Forensics course is excellent, and the instructor knows the subject very well, communicating it at an appropriate level.

See what our students are saying

More testimonials for Ethical Hacking here

  • David P. Curly

    Senior Consultant

    Booz Allen Hamilton

    "a must for any true
    security professional"

    "This was a phenomenal class! The instructor was extremely knowledgeable and crafted the exercises so that we truly learned the material. I have a whole new appreciation for how vulnerabilities are exploited. I have gained very practical skills and knowledge in this class which will help me tremendously in my job. I will highly recommend this course to all of my co-workers. This class should be a must for any true security professional. There were several moments during the week when I was amazed at how vulnerable systems truly are. The practical labs and competition teams made the experience fun. I have learned some extremely valuable skills."


    Find out more
  • Aaron Bento

    IBM Global Services

    "hands-on experience was invaluable"

    "The class was great! The instructor knew his his information very well. It was nice to have someone who is more than just book knowledge, someone who is just giving you the info for the cert test. His hands on experience in real world pen-testing was invaluable, as it gave a touch-stone to how the methods learned in class can be extended to real pen-testing."


    Find out more
  • "nice to have a dedicated training laptop provided"

    "I got a lot out of the real world scenarios presented in class. Jeremy is very knowledgeable in the field of penetration testing. Would definitely take classes again if he is the instructor. The course books are a great reference, and it was nice to have a dedicated training laptop provided by Infosec and not have to bring my own and waste time installing programs during class"


    Find out more
  • Rummy Dabgotra

    MTS Allstream

    "invaluable to my career"

    "Dan is an excellent instructor and incredibly knowledgeable. Great presenter and very helpful. The course was very intense but well structured. The hours were long but it really allows you to get your head wrapped around it. Slide notes were very good as well as the lab pre-info. The labs tied well into the course. The content and knowledge gained will be invaluable to my career."


    Find out more

Daily Course Outline

DAY 1

  • Module 1: Advanced Analysis Concepts
    • Avoiding Speculation 
    • Direct and Indirect Artifacts
    • Least Frequency of Occurrence 
    • Documentation                         
    • Convergence                         
    • Virtualization            
                     
  • Module 2: Immediate Response
    • Prepared to Respond
    • Questions
    • The Importance of Preparation
    • Logs
    • Data Collection


DAY 2

  • Module 3: VSC Analysis
    • Registry Keys
    • Live Systems
    • Pro Discover
    • F-Response
    • Acquired lmages
    • VHD Method
    • VMware Method
    • Automating VSC Access
    • Pro Discover

  • Module 4: File Analysis
    • File System Tunneling                      
    • Event Logs 
    • Windows Event Log                       
    • Recycle Bin 
    • Prefetch Files 
    • Scheduled Tasks                      
    • Skype                             
    • Apple Products                        
    • Image Files    
    • ...more


DAY 3

  • Module 5: Registry Analysis                  
    • USB Device Analysis                       
    • System Hive                                                  
    • Software Hive                        
    • Application Analysis         
    • NetworkLst                   
    • NetworkCards              
    • Shell bags 
    • MUICache 
    • UserAssst
    • ...more  
                           
  • Module 6: Malware
    • Introduction and Overview
    • Malware Characteristics 
    • Initial Infection Vector                   
    • Propagation Mechanism                    
    • Persistence Mechanism                   
    • Artifacts                         
    • Detecting Malware 
    • Log Analysis                       
    • ...more


DAY 4

  • Module 7: Timeline Analysis                                       
    • Data Sources                                                           
    • Time 
    • User 
    • TLN Format                   
    • File System Meta data                 
    • Event Logs                     
    • Windows
    • ...more
                         
  • Module 8: Application Analysis
  • Log Files 
  • Dynamic Analysis 
  • Network Captures 
  • Application Memory Analysis 


DAY 5

  • Module 9: Mobile Forensics
    • Keyboard caches containing usernames, passwords, search terms, and historical fragments of typed communication.
    • Screenshots preserved from the last state of an application
    • Deleted images from the suspect’s photo library, camera roll, and browsing cache.
    • Deleted address book entries, contacts, calendar events, and other personal data.
    • Exhaustive call history
    • Map tile images from the iPhone’s Google Maps application,
    •  Lookups and longitude/latitude coordinates of previous map searches, and coordinates of the last GPS fix.
    • Browser cache and deleted browser objects
    • Cached and deleted email messages
    • SMS messages
    • Deleted voicemail recordings
    • ...more 

Instant Pricing

Call (866)-471-0059 or fill out this short form for current pricing

YOU ALSO GET

  • $3000 worth of tools
    and software!

    InfoSec's Custom Hacking Tools Enterprise Suite, includes every program covered in the course for at home study. (558 Tools). Regular Price: Hacking Tools Enterprise Suite available for individual purchase for only $1,499!

     

    Core Impact SEL License

  • Course Materials, Test Fees and Class Guarantees!

    Small class sizes (usually 10-20 Students), you get an intimate learning setting not offered by any of our competitors.

    5 Full Days of Boot camp style training --- our instructors teach from 8am to 10:30pm every day. Course runs from 8am to 5pm daily with optional ethical capture the flag hacking exercises to 10:30pm.

    All meals, snacks and refreshments included. Snacks not included in Las Vegas courses.

    Certified Ethical Hacker exam fees.

    Lecture, Lab Exercise and Text book --- Train your ethical friends and co-workers hacking!

  • Continued Access to
    the Course ONLINE

    Total Access to Live Recorded Ethical Hacking Lectures:

    InfoSec Institute's Ethical Hacking class is structured for maximum retention of knowledge learned in class. Because we believe in a commitment to your ongoing education after you attend a hands-on Ethical Hacking class, InfoSec Institute makes available for every student access to all of the Live Recorded lectures you attended in-class. These are available in online format for 30 days after the training session!

Other Related Tools & Resources For Our Students

Be sure to check out our R&D site. We post tutorials, labs, white papers and articles to help you in your continued forensics training. There are frequently forensics videos available. If you haven't taken a course with us yet, check out some of the types of thigns you'll be doing and learning about in class.

  • Getting Started with Android Forensics
  • 08/20/2014

    This article introduces Android forensics and the techniques used to perform Android forensic investigations. We will discuss Android file systems, data acquisition, analysis, and various tools available for Android Data Extraction. Introduction The smart phone market is growing higher and higher. With the drastic changes in technology, smart phones are [...]

    The post Getting Started with Android Forensics appeared first on InfoSec Institute.

  • Xplico
  • 07/30/2014

    Downloading Xplico In this article we’ll present Xplico, which is a network forensics tool installed in major digital forensics Linux distributions like Kali, Backtrack, Security Onion, DEFT, etc. In this tutorial, we’ll take a look at the DEFT Linux distribution, which we can download from here: we need to download [...]

    The post Xplico appeared first on InfoSec Institute.

  • Computer Forensics with P2 Commander
  • 07/17/2014

    Introduction Computer Forensics is the methodical series of procedures and techniques used for procuring evidence from computer systems and storage media. This evidence can then be analyzed for relevant information that is to be presented in a court of law. Computer Forensics has frequently been listed as one of the [...]

    The post Computer Forensics with P2 Commander appeared first on InfoSec Institute.



OUR STUDENTS SAY:
InfoSec Institute has an excellent instructor and this is the best IT security class I have ever taken. His knowledge and method of teaching are unsurpassed.