Courses by Description
Computer Crimes Courses
Cyber Investigation 100 - Identifying and Seizing Electronic Evidence (ISEE)
This course is designed to instruct participants in the basics of recognizing potential sources of electronic evidence, preparing them to respond to an electronic crime scene, and to safely and methodically preserve and collect items of evidentiary value to be used in court proceedings. This particular course utilizes advanced adult learning skills and takes the participants through a process and methodology that can be presented either in a basic recruit academy atmosphere or an in-service training situation.
Cyber Investigation 101 - Secure Techniques for Onsite Preview (STOP)
This 2 day course is intended for probation/parole, detectives and officers conducting “knock and talk” interviews or spot checks and home visits. This class utilizes a Linux-based bootable CD to preview a suspect computer system for potential evidence in a forensically sound manner. The CD has the advantage of being able to “read” other computer system’s files without writing to or altering the data on those systems.
Cyber Investigation 105 - Basic Cell Phone Investigations (BCPI)
Cyber-Investigation 105 – Basic Cell Phone Investigations (BCPI) This 2-day course is for officers, investigators, and analysts that encounter cell phone evidence, and includes the acquisition and analysis of information external to the phone, specifically Call Detail Records. This course concentrates heavily on document analysis, in which a strong working knowledge of Microsoft Office® is preferred. This course also has a companion course, Cyber-Investigation 205 – Small Scale Digital Device Interrogation, which focuses on the obtainable data internal to the device itself.
Cyber Investigation 201 - Basic On-Line Technical Skills (BOTS)
Designed for the officer who is new to on-line investigations. The course will teach the basic technical skills and considerations involved in setting up an under-cover account, and techniques for both proactive and reactive online investigations. The student will learn how to document and trace real-time chats, instant messaging, and other on-line evidence.
Cyber-Investigation 205 - Cell Phone & Small Scale Digital Device Interrogation (CPSSDD)
Cyber-Investigation 205 – Small Scale Digital Device Interrogation (SSDDI) This 3-day course trains officers and investigators in the acquisition and analysis of information internal to cell phones and GPS devices. This course focuses heavily on cell phones, and allows the student hands-on time with several of the popular cell phone extraction tools available on the market. This course is the companion course to Cyber-Investigation 105 – Basic Cell Phone Investigations, which covers the information obtainable external to the phone (such as call detail records).
Cybercop 101 - Basic Data Recovery and Acquisition (BDRA)
Through a series of classroom presentations and hands-on reinforcement, participants will learn how a computer works, how data is stored and how to obtain a forensically sound image. This course provides attendees the knowledge and skills to successfully demonstrate their ability in protecting and preserving electronic evidence. Participants will use this class as a prerequisite to continue their professional development and to assist in the investigation and prosecution of cyber crime cases.
Cybercop 201 - Intermediate Data Recovery and Analysis (IDRA)
This 5-day course is designed to be the “sequel” to the Cybercop 101 (BDRA) course.
Cybercop 305 - Windows NT File System (NTFS)
This 4 day class introduces the experienced examiner to a “behind the scenes” approach to the NT file system. Students will explore the components of the file system (master file table), the concepts of the file system (resident vs non resident data), and the processing of the data tracked by the file system (saving, deleting, recycling, encrypting).
Cybercop 310 - Windows NT Operating System (NTOS)
This 4 day class introduces the experienced examiner to the Windows XP, Vista, and Windows 7 operating systems. Registry components and forensically relevant information they contain are emphasized throughout this course. Students will also examine the operating system’s security structures and volume shadow copy service.
Cybercop 320 - Windows Internet Trace Evidence (INET)
This 3 1/2 day course is designed to teach the recovery of “trace evidence” left on a computer system as a result of using the Internet.
Cybercop 401 - Linux File System for Computer Forensic Examiners (LinuxFS)
This 4 1/2 day class is designed for experienced computer forensic examiners who want to gain a better understanding of the unique issues related to Linux based computers. The class will emphasize the native Linux file systems (ext2, ext3 and Reiser), interpreting command shell histories, and the location of evidence on a Linux machine.
Fast CyberForensic Triage (FCT)
This 3-day course will introduce investigators and first responders to the process known as Fast CyberForensic Triage. Fast forensics is defined as “those investigative processes that are conducted within the first few hours of an investigation, that provides information used during the suspect interview phase. Due to the need for information to be obtained in a relatively short time frame, fast forensics usually involves an on site/field analysis of the computer system in question.”
ICAC - Cyber Investigation 100 - Identifying and Seizing Electronic Evidence (ICAC-ISEE)
This course is designed to instruct participants in the basics of recognizing potential sources of electronic evidence, preparing them to respond to an electronic crime scene, and to safely and methodically preserve and collect items of evidentiary value to be used in court proceedings. This particular course utilizes advanced adult learning skills and takes the participants through a process and methodology that can be presented either in a basic recruit academy atmosphere or an in-service training situation.
ICAC - Cyber Investigation 105 - Basic Cell Phone Investigations (ICAC-BCPI)
Cyber-Investigation 105 – Basic Cell Phone Investigations (BCPI) This 2 day course is designed as a basic introduction for officers, investigators, and analysts looking to initiate or follow up on cell phone related cases. It is based around the acquisition and analysis of information external to the phone, particularly Call Detail Records. This course focuses heavily on analysis; a working knowledge of Microsoft Office® is highly recommended.
ICAC - Cyber-Investigation 101 - Secure Techniques for Onsite Preview (ICAC-STOP)
This 2 day course is intended for probation/parole, detectives and officers conducting “knock and talk” interviews or spot checks and home visits. This class utilizes a Linux-based bootable CD to preview a suspect computer system for potential evidence in a forensically sound manner. The CD has the advantage of being able to “read” other computer system’s files without writing to or altering the data on those systems.
ICAC - Cyber-Investigation 250 - Identifying & Seizing Electronic Evidence - Train the Trainer (ICAC-ISEE-T3)
ISEE-T3 is an Instructor Development Project (IDP) course. In a T3 course, participants are trained to instruct the ISEE course. After completing the course, they are supplied with all of the course materials that will allow them to instruct the course on their own, with support from NW3C. The course is designed to be instructed by non-technical instructors. Instructors with varying investigative backgrounds will be able to grasp the concepts and materials necessary to instruct the course.
ICAC - Cybercop 101 - Basic Data Recovery & Acquisition (ICAC-BDRA)
Through a series of classroom presentations and hands-on reinforcement, participants will learn how a computer works, how data is stored and how to obtain a forensically sound image. This course provides attendees the knowledge and skills to successfully demonstrate their ability in protecting and preserving electronic evidence. Participants will use this class as a prerequisite to continue their professional development and to assist in the investigation and prosecution of cyber crime cases.
ICAC - Cybercop 201 - Intermediate Data Recovery and Analysis (ICAC-IDRA)
This 5-day course is designed to be the “sequel” to the Cybercop 101 (BDRA) course.
ICAC - Cybercop 305 - Windows NT File System (ICAC-NTFS)
This 4 day class introduces the experienced examiner to a “behind the scenes” approach to the NT file system. Students will explore the components of the file system (master file table), the concepts of the file system (resident vs non resident data), and the processing of the data tracked by the file system (saving, deleting, recycling, encrypting).
ICAC - Cybercop 310 - Windows NT Operating System (ICAC-NTOS)
This 4 day class introduces the experienced examiner to the Windows XP, Vista, and Windows 7 operating systems. Registry components and forensically relevant information they contain are emphasized throughout this course. Students will also examine the operating system’s security structures and volume shadow copy service.
ICAC - Cybercop 320 - Windows Internet Trace Evidence (ICAC-INET)
This 3 1/2 day course is designed to teach the recovery of “trace evidence” left on a computer system as a result of using the Internet.
ICAC - Cybercop 401 - Linux File System for Computer Forensic Examiners (ICAC-Linux FS)
This 4 1/2 day class is designed for experienced computer forensic examiners who want to gain a better understanding of the unique issues related to Linux based computers. The class will emphasize the native Linux file systems (ext2, ext3 and Reiser), interpreting command shell histories, and the location of evidence on a Linux machine.
Introduction to Securing Law Enforcement Networks (ISLEN)
This 3-day course is designed for smaller departments to assist in the securing of their networks. The course helps network administrators/officers by providing tips and techniques for securing their network and covers items such as host-based security, physical security, LAN-based security, and perimeter security.
|
Find Courses By Location