Next boot camp starts soon. Enroll now.

Computer and Mobile Forensics Training Boot Camp

Transform your career in 7 days

This boot camp leverages our 20 years of cybersecurity training experience, along with hands-on practical exercises, to delve into the challenges of computer and mobile forensics. You’ll explore the process of analyzing and examining various operating systems and master evidence locations to collect and preserve data on various devices.

4.2 (443 ratings)

Course essentials

Boot camp at a glance

  • Method

    Live online, in-person or team onsite

  • Duration

    7 days

  • Experience

    1-3 years

  • Average salary

    $75,000

What you'll learn

Training overview

exam pass guarantee logo

This immersive computer forensics training prepares you to pass the Certified Computer Forensics Examiner (CCFE) and Certified Mobile Forensics Examiner (CMFE) exams, which cover the nine domains related to the computer forensics evidence recovery and analysis process, and the five domains related to performing the mobile forensics process on different types of mobile devices. You’ll learn:

  • How to identify evidence: Gain the skills to identify, preserve, extract, analyze and report forensic evidence on computers and mobile devices.
  • An understanding of evidence locations: Learn about the variations in evidence locations and examination techniques across operating systems, including Windows, Linux, Android, iOS, and Windows phones.
  • Hands-on skills: Engage in practical exercises that simulate real-world attack scenarios, allowing you to practice threat hunting and develop the ability to analyze logs, capture memory dumps, and search for malware activity. Capture-the-flag (CTF) exercises allow you to test your new forensics skills.
  • Certification preparation: Prepare for the Certified Computer Forensics Examiner (CCFE) and Certified Mobile Forensics Examiner (CMFE) certifications, validating your expertise in computer and mobile forensics.

Award-winning training you can trust

What's included

Everything you need to know

  • 90-day extended access to Boot Camp components, including class recordings
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee
  • Exam voucher
  • Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
  • Hands-on cyber ranges and labs
  • Knowledge Transfer Guarantee
  • Onsite proctoring of exam
  • Pre-study learning path
  • Unlimited practice exam attempts

Before your boot camp

Prerequisites

Prior to enrolling in the Computer and Mobile Forensics Training Boot Camp, you must have:

  • No criminal record
  • Basic computer skills, including the ability or desire to work outside the Windows GUI interface. We recommend A+ certification and/or similar training and experience, though they are not required.

This in-depth technical training course is not intended for individuals with limited or no computer skills.

Syllabus

Training schedule

Day 1
Morning session

Introduction

  • Computer forensics and investigation as a profession
  • Define computer forensics
  • Describe how to prepare for computer investigations and explain the difference between law enforcement agency and corporate investigations
  • Explain the importance of maintaining professional conduct
Afternoon session

Digital evidence — legal issues

  • Identifying digital evidence
  • Evidence admissibility
  • Federal rules of evidence
  • Daubert standard
  • Discovery
  • Warrants
  • What is seizure?
  • Consent issues
  • Expert witness
  • Roles and responsibilities
  • Ethics
  • (ISC)²
  • AAFS
  • ISO

Investigations

  • Investigative process
  • Chain of custody
  • Incident response
  • E-discovery
  • Criminal vs. civil vs. administrative investigations
  • Intellectual property
  • Reporting
  • Quality control
  • Evidence management
  • Current computer forensics tools and hardware
Evening session

Optional group & individual study

Schedule may vary from class to class

Day 2
Morning session

Forensic science fundamentals

  • Principles and methods
  • Forensic analysis process

Hardware

  • Storage media
  • Operating system
Afternoon session

File systems

  • File systems
  • Erased vs. deleted
  • Live forensics
Evening session

Optional group & individual study

Schedule may vary from class to class

Day 3
Morning session

File and operating system forensics

  • Keyword searching
  • Metadata
  • Timeline analysis
  • Hash analysis
  • File signatures
  • Volume Shadow Copies
  • Time zone issues
  • Link files
  • Print spool
  • Deleted files
  • File slack
  • Damaged media
  • Registry forensics
  • Multimedia files
  • Compound files
Afternoon session

Web and application forensics

  • Common web attack vectors
  • Browser artifacts
  • Email investigations
  • Messaging forensics
  • Database forensics
  • Software forensics
  • Malware analysis
Evening session

Optional group & individual study

Schedule may vary from class to class

Day 4
Morning session

Network forensics

  • TCP/IP
  • Types of attacks
  • Wired vs. wireless
  • Network devices forensics

Packet analysis

  • OS utilities
  • Network monitoring tools
Afternoon session

Anti-forensics

  • Hiding
  • Steganography
  • Packing
  • Hidden devices (NAS)
  • Tunneling/Onion routing
  • Destruction
  • Spoofing
  • Log tampering
  • Live operating systems

Optional group & individual study

Evening session

Optional group & individual study

Day 5
Morning session

New & emerging technology

  • Legal issues (privacy, obtaining warrants)
  • Social networks forensics
  • Types of social networks
  • Types of evidence
  • Collecting data
  • Virtualization
  • Virtualization forensics
  • Use of virtualization in forensics
  • Cloud forensics
  • Types of cloud services
  • Challenges of cloud forensics
  • Big data
  • Control systems and IOT

Mobile forensics introduction

  • Types of devices
  • GPS
  • Cell phones
  • Tablets
  • Vendor and carrier identification
  • Obtaining information from cellular provider
  • GSM vs. CDMA
  • Common tools and methodology
Afternoon session

Take CCFE exam

Optional group & individual study

Evening session

Optional group & individual study

Schedule may vary from class to class

Day 6
Morning session

Mobile forensics process

  • Mobile forensics challenges
  • Types of evidence found on mobile devices
  • Collecting mobile devices at the scene
  • Comparison of mobile operating systems
  • Data acquisition methods
  • Reporting findings
Afternoon session

Android forensics

  • Android platform
  • Android security model
  • Bypassing Android security features
  • Android logical data acquisition and analysis
  • Android physical data acquisition

Optional group & individual study

Evening session

Optional group & individual study

Schedule may vary from class to class

Day 7
Morning session

iOS forensics

  • Apple iOS platform
  • iOS security
  • Bypassing iOS security features
  • iOS data acquisition and analysis
  • iPhone/iCloud backups
  • iOS data recovery techniques

Windows phones

  • Windows Phone OS: partitions and filesystems
  • Windows Phone security features
  • Windows Phone logical acquisition and analysis
  • Windows 10 mobile OS forensics
Afternoon session

Feature phones forensics

  • Acquiring and examining data from feature phones

Take CMFE exam

Schedule may vary from class to class

Guaranteed results

Our boot camp guarantees

Exam Pass Guarantee

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB boot camps).

100% Satisfaction Guarantee

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.

Knowledge Transfer Guarantee

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

Unlock team training discounts

If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.

FAQ

Frequently asked questions

What is computer forensics?

Computer forensics is a branch of digital forensic science that involves the identification, preservation, extraction, analysis and reporting of digital evidence from computers and other digital devices. It is crucial for investigating cybercrimes and gathering evidence for legal proceedings.

How can I start learning computer forensics or become a computer forensics professional?

This Computer and Mobile Forensics Training Boot Camp is a great way to upgrade your forensics skills and validate your expertise to employers. A solid understanding of technology is helpful for all digital forensics professionals, and certifications like CompTIA’s A+ and Network+ are great options to build that foundation.

What is the importance of certifications in computer and mobile forensics?

Certifications in computer and mobile forensics validate your knowledge and skills in the field, demonstrating your competence and commitment to the profession. They serve as a benchmark for employers and clients, assuring them of your ability to conduct forensic investigations, handle digital evidence and follow industry best practices. Certifications like the CCFE and CMFE are industry recognized and can enhance your career opportunities in the cybersecurity and digital forensic domains.

How long is the certification valid, and what are the renewal requirements?

The CCFE and CMFE certifications from Infosec are valid for four years. To renew the certification, you’ll need to retake the current certification exam at no cost to you.

What are the career opportunities and job titles for certified computer and mobile forensics professionals?

Certified Computer and Mobile Forensics professionals can pursue various career paths in the cybersecurity and digital forensic fields. Some common job titles include:

  • Computer forensics analyst
  • Digital forensics investigator
  • Cybersecurity consultant
  • Incident response analyst
  • Forensic lab technician
  • Law enforcement officer specializing in digital investigations
  • IT security specialist

You could help play a crucial role in organizations, law enforcement agencies, cybersecurity firms and consulting companies, where your new-found expertise is required to investigate cybercrimes, analyze digital evidence and ensure the security of digital systems.

You're in good company

CY

I have never had a better experience in any previous training. The instructor gave the information needed for the test and also shared his real-world experience to bring it together. I would not hesitate recommending this class to anyone interested in CEH.

Chris Young, Maintech

JK

I thoroughly enjoyed the Ethical Hacking class. I would venture to say it is one of the best technical classes I have ever attended. I feel very confident that I will be able to take my learning experience and be better able to defend our company assets.

Jeremy Kicklighter, ACI Worldwide

SF

The course materials were excellent. The class format was fantastic. The instructor not only prepared us for the examination but also spent a considerable amount of time in learning practical skills for the real world.

Stephen Field, Thomas Compliance Associates, Inc.

Enroll in a boot camp

  • June 12, 2023 - June 18, 2023

    Online only

  • July 17, 2023 - July 23, 2023

    Online only

  • September 11, 2023 - September 17, 2023

    Online only

  • November 13, 2023 - November 19, 2023

    Online only

  • January 29, 2024 - February 4, 2024

    Online only

  • February 26, 2024 - March 3, 2024

    Online only

  • April 1, 2024 - April 7, 2024

    Online only

  • June 10, 2024 - June 16, 2024

    Online only