Computer forensics is the collection, preservation, analysis, identification and presentation of computer-related evidence that can be useful in criminal cases for the purpose of facilitating or furthering the reconstruction of events found to be criminal.

There are three things to take into consideration when carrying out computer forensics. A computer can be the target of the crime, it can be the instrument of the crime, or it can serve as an evidence repository storing valuable information about the crime. Knowing what role the computer played in the crime can be of tremendous help when searching for evidence. This knowledge can also help reduce the time taken to package your evidence.

Computer forensics is one of the largest growing professions of the 21st century. The main goals of computer forensics are the preservation, identification, extraction, documentation and interpretation of recovered computer data.

Scope of forensic science in India:
With the rising number of incidents of crime and fraud in India, the scope of forensic science is definitely rising. Today there are forensic science related jobs in both the Government and Private Sector: Crime Branches, CBI, CID, Police, Investigation Bureau, Defense/Army, Courts, Narcotics Dept., Universities, Detective Agencies, Banks, Insurance Companies.

Duration

40 hours, 2 classes per week

Eligibility

Basic knowledge of Computer & Internet

Course Fees

Rs. 14,500/- + 18% GST

Course Details

Introduction to Computer Forensics
Recommended Machine Configurations
What makes a good computer forensic examiner?
Computer Forensics vs. E Discovery
Forensic Examination Procedures
Determining Scope of Examinations
Hardware and Imaging Issues
Floppy Diskette, USB and Optical Media Examination
Limited Examinations
Forensically Sterile Examination Media
ASCII Table
General Overview of Boot Process and Operating Systems
Floppy Diskette Sides, FD Tracks, Hard Disk Drives
BIOS History
Networked Computers
Media Acquisition
Acquisition Documentation
Chain of Custody
Understanding Volatile Data
Traditional Forensics vs. Live Forensics
The Live Response Process and the Best Evidence Rule
Volatile Data - OS Differences
Live Side Collections
Acquisitions in a Live Environment
System Impact
Physical Memory Acquisition
API Calls vs. RAM Acquisition
Challenges in Acquiring RAM - Windows/Linux/Mac
Physical Memory Acquisition
Volatile Data Collection Using APIs
Acquiring Volatile Data
Storing the Data
Hard Drive Collection
Imaging Conditions in a Live Environment
Encrypted Volumes
Dynamic Disk Imaging – RAID
Bootable Side Collections
Preparing the Harvest Drive
Mounting Devices
dd Acquisitions
dc3dd Acquisitions
aff Acquisitions
Linen Acquisitions
Remote Investigation and Collection
MS Windows System Analysis
NTFS file system
Recovering deleted files
Windows artifacts
Windows Swap and Page Files
Forensic Analysis of the Windows Registry
Linux File System
Ext2 and ext3
Defeating anti-forensic techniques
Email Analysis
Obtaining web-based e-mail (webmail) from online sources
Converting e-mail formats
Tracking user activity
Tracking OS user logs
Presenting your findings
Password Breaking
Breaking different file passwords
Breaking different OS passwords
Network Forensics
Network Forensics and investigating logs
Investigating Network Traffic
Investigating Wireless Attack
Investigating different Web attacks
Investigating Server Logs
Investigating FTP Server logs
Investigating Webserver Logs
Investigating Corporate Espionage
Cyber Crime and Incident response
Investigating Sexual Harassment cases
Investigating Steganography
Cyber Crime and Law
Digital Signature and Crime
Digital Evidence
Cyber Pornography

Tools based Forensic Training:

What is Live Forensics
Understanding Volatile Data
Traditional Forensics vs. Live Forensics
The Live Response Process and the Best Evidence Rule
Volatile Data - OS Differences
Storing the Data
Acquisition Destination Options
Network Acquisitions
Network Shares and Samba
Attached Devices
Integrity Checks
Live Side Collections
Acquisitions in a Live Environment
System Impact
Physical Memory Acquisition
API Calls vs. RAM Acquisition
Challenges in Acquiring RAM - Windows/Linux/Mac
Acquiring RAM
Hands-On Exercises
Volatile Data Collection Using APIs
Acquiring Volatile Data
Storing the Data
Hands-On Exercises
Hard Drive Collection
Imaging Conditions in a Live Environment
Encrypted Volume
Bootable Side Details
Why Learn Linux?
Forensic Benefits
Understanding Physical and Logical Disks
Linux Terminology
The Boot Process
Files and File Systems
Permissions
Commands - What you Must Know
Mounting Devices
Device Detection and Boot Problems
Cheat Codes
Other Issues
Bootable Side Collections
Preparing the Harvest Drive
Mounting Devices
dd Acquisitions
dc3dd Acquisitions
aff Acquisitions
Linen Acquisitions
Hands-On Exercises
Previewing Devices
Using loop
iSCSI - Previewing and Imaging
iSCSI Initiators - Windows and Linux
Additional Tricks and Useful Utilities
Memory Analysis
What's in Memory?
Simple Tools and Techniques
Strings, grep, foremost, scalpel
Advanced Tools and Techniques
ptfinder, volatility
Hands-On Exercises

 
