Computer Forensics
Computer Forensics HardwareComputer Forensics SoftwareComputer Forensics TrainingComputer Forensics ServicesPurchase Forensic Computer ProductsTechnical SupportCompany Information

SIGN UP ON THE DI MAILING LIST

DIGITAL INTELLIGENCE

 17165 W. Glendale Drive
New Berlin, WI 53151
866-DIGINTEL (866-344-4683)
Outside the US: 262-782-3332

Site Contents Copyright © 2008
www.DigitalIntelligence.com

4 FORENSIC SPECIALISTS ONLINE

COMPUTER FORENSIC ESSENTIALS

Computer Forensic Essentials

Next Class | TBA

This class is designed to introduce the student to concepts, techniques, and tools providing a solid foundation in concepts related to the investigation, preservation, and processing of computer based evidence.

  • Computer crime overview and raid considerations
  • Operating systems and file systems
    • Difference between an Operating System and a file system
    • File systems supported by DOS, Win9x and NTx
    • Why we still use DOS in forensics
  • MSDOS commands
    • Internal and external commands
    • Directory structure and “Path”
    • Navigating between partitions and directories
  • Hardware, BIOS and CMOS
    • Types of hardware encountered
    • Role of the BIOS and CMOS
    • Information of interest in CMOS
  • Configuring & connecting hard drives
    • IDE
    • SCSI
    • SATA
  • Physical drive structure
    • Cylinder, Head, Sector addressing
    • Logical Block Addressing
  • Partitions
    • Primary
    • Extended/logical drives
    • Hidden
  • Boot process & Drive letter assignment
    • DOS and Win9x
  • Write blockers
    • Software
    • Hardware
    • DI's write blockers
  • Creating a control boot floppy
  • Creating a duplicate image
  • Computer data
    • Bits/Bytes
    • ASCII
    • Hexadecimal
  • FAT file system
    • Formatting a logical drive
    • Changes that occur when a file is saved
    • Changes that occur when file is deleted and recovering deleted files
  • NTFS file system
    • Formatting
    • Changes that occur when a file is saved
    • Changes that occur when file is deleted
  • Forensic examination topics
    • Date and time information (FAT and NTFS)
    • Long filenames
    • Recycle Bin
    • File types
    • Key word searches
    • Encryption
      • Symmetric
      • Asymmetric
      • Win2K/XP EFS
    • Compression
      • PK archives
      • NTFS built-in compression
    • Carving from unallocated and slack space
  • Final practical

Digital Intelligence Offers the Following Computer Forensic Training Programs

In addition to these classes, custom training programs can be developed to meet specific customer requirements. For additional information on these three training programs, as well as scheduling information, please contact Digital Intelligence at (262) 782-3332.

FREE TRAINING WITH FRED SYSTEM PURCHASE

Digital Intelligence offers free training. This limited time offer will provide a single seat in our Computer Forensics with FRED class for each FRED system purchased. This program offers a great opportunity to obtain detailed training in the operation and configuration of your new FRED system! Limited seating is available in each class under this offer so make your arrangements early. Although tuition will be covered under this program, travel, meals, and lodging will be the responsibility of the student. A credit card commitment will be required to reserve seating under this program as last minute cancellations and no-shows will be charged a $150.00 cancellation fee (otherwise no charges will be applied).