Courses by Description

This course is funded through OJJDP. To register for this class, you must be affiliated with an ICAC Task Force. Furthermore, you must agree to comply with the Best Practices and Standards established by ICAC. If you have any questions about the ICAC Best Practices and Standards, please contact your ICAC commander.

This 3 1/2 day course is designed to teach the recovery of “trace evidence” left on a computer system as a result of using the Internet. INET covers information about the use of Internet Explorer, FireFox, AOL and several of the instant messaging tools like Yahoo, AIM and WLM (Windows Live Messenger). This is NOT an "Undercover Investigation" course! Topical areas include the recovery and examination of cookies, cache, history files, and auto-complete information (passwords); Instant Messenger registry entry and file structure information; Outlook Express email, AOL Client stored-mail, buddy lists, address books and more. The Microsoft COFEE program will be utilized to capture pertinent volatile information about the computer system’s Internet connection status prior to take-down. This course requires the student have previous training in Cybercop 101 (BDRA) and Cybercop 201 (IDRA), or the equivalent and experience drawn from the application of the techniques utilized in the Cybercop 101 (BDRA)/Cybercop 201 (IDRA) training.