4 Day (Tuesday - Friday)

Category: Forensic

Instructor: Leo Thrush

Instructor Bio:

Leo Thrush is recognized as one of the worldwide leaders in the field of Information Assurance. Leo is a Senior Consultant and Instructor for Mile2 with 39 years of experience in information security, IT operations, risk management, and business continuity. A dynamic and enthusiastic speaker, Leo draws the audience into his presentations with a wealth of real-life experience and practical, relevant information.

Leo has been responsible for educational systems, management consulting, and business analysis for major clients including the Royal Canadian Mounted Police (RCMP), Farm Credit Canada (FCC), Child and Youth Data Laboratory, US Whitehouse, US Department of Defense, Pentagon, US National Security Agency (NSA), Central Intelligence Agency (CIA), Boeing, General Dynamics, Raytheon, Business Continuity Institute (BCI), Disaster Recovery Institute (DRI), IEEE, SCIPP International, and (ISC)2.

Course Description:

he Certified Digital Forensics Examiner vendor-neutral certification is designed to train Cyber Crime and Fraud Investigators whereby students are taught electronic discovery and advanced investigation techniques. This course is essential to anyone encountering digital evidence while conducting an investigation. Mile2’s Certified Digital Forensics Examiner training teaches the methodology for conducting a computer forensic examination. Students will learn to use forensically sound investigative techniques in order to evaluate the scene, collect and document all relevant information, interview appropriate personnel, maintain chain-of-custody, and write a findings report. The Certified Digital Forensics Examiner course will benefit organizations, individuals, government offices, and law enforcement agencies interested in pursuing litigation, proof of guilt, or corrective action based on digital evidence.

Upon completion, Certified Digital Forensics Examiner students will be able to establish industry acceptable digital forensics standards with current best practices and policies. Students will also be prepared to competently take the C)DFE exam.

Course Outline

Module 1 - Introduction

Module 2 – Computer Forensic Incidents

Module 3 - Investigation Process

Module 4 - Disk Storage Concepts

Module 5 - Digital Acquisition & Analysis

Module 6 - Forensic Examination Protocols

Module 7 - Digital Evidence Protocols

Module 8 - CFI Theory& Scanning

Module 9 - Digital Evidence Presentation

Module 10 - Computer Forensic Laboratory Protocols

Module 11 – Computer Forensic Processing Techniques

Module 12- Digital Forensics Reporting

Module 13 - Specialized Artifact Recovery

Module 14- e-Discovery and ESI

Module 15- Mobile Device Forensics

Module 16- USB Forensics

Module 17- Incident Handling& Scanning

Lab Outline

Lab 1 - Preparing Forensic Workstation

Lab 2 – Chain of Custody

Lab 3 - Imaging Case Evidence / FTK Imager

Lab 4 - Create a new case for Autopsy

Lab 5 - Reviewing Evidence / Autopsy (Case #1)

Lab 6 - Reviewing Evidence / Autopsy (Case #2)

Requirements:

Laptop required.