The "Cybercop (CC) 250 Linux Open Source Forensics" course teaches students how to use free and open source software to conduct digital forensic examinations. Students learn to locate and install free Linux-based forensic software. The course first covers key forensic concepts as applied to open source software, then basic forensic analysis techniques. Topics include imaging and mounting, the review and examination of live and deleted files, hash analysis, keyword searching, Windows Registry, scripting, local and environmental variables, report creation, and the identification and extraction of file metadata.
Course structure:
- Digital forensic examination with free open source software. Learn how to access many file systems, review the contents of live files, and identify and recover deleted files.
- Linux forensic suites. Explore Autopsy, Digital Forensics Framework, and Bulk Extractor.
- Linux basics. Understand the Virtual File System, referencing objects, and metadata.
- Hands-on experience. Work with tools and best practices.
Prerequisite: CC 201 – Digital Evidence Examination and Processing classroom course. Equivalent training and/or experience may substitute for the prerequisite.
| Amount | Description |
|---|---|
| $0.00 | Free to Law Enforcement |