Justice Information Sharing

IA102 Introduction to Link Analysis

This course introduces analysts to the broader concepts of connecting the dots through link analysis. A critical portion of conducting a successful analytical investigation is the ability to link together and understand the complexities of the connectedness between people and organizations. Introduction to Link Analysis (ILA) expands on the basic principles of link and association analyses explored in the Foundations of Intelligence Analysis Training (FIAT) while building a framework for more advanced methods such as social network analysis.

Expanding basic knowledge of link and association analysis
Explaining the process of social network analysis
Understanding the visual mapping and mathematical components associated with link and social network analyses

DF330 Advanced Digital Forensic Analysis: iOS & Android

This course provides the advanced skills and knowledge necessary to analyze data on iOS devices (iPod Touch, iPhone, and iPad) and Android devices at an advanced level. Students use forensically-sound tools and techniques to analyze potential evidence, employing advanced techniques to uncover evidence potentially missed or misrepresented by commercial forensic tools. Topics include identifying potential threats to data stored on devices, available acquisition options, accessing locked devices, and the default folder structure. Core skills include analyzing artifacts such as device information, call history, voicemail, messages, web browser history, contacts, and photos. Instruction is provided on developing the hunt methodology for analyzing third party applications not supported by commercial forensic tools.

Mobile device hardware fundamentals. How mobile devices work, store data, and interact with a variety of networks.
Device handling. Properly preserving data for imaging and analysis. Identifying potential threats to data integrity.
Device acquisition and security. Acquisition options (physical, logical, device backups). Bypassing passcodes and properly defeating encrypted backups of iOS devices.
Advanced analysis techniques. Mounting images, partitioning scheme and default folder structure, types of artifacts (plists, SQLite databases, etc.).

FC201 Financial Records Investigative Skills

This course builds on the concepts introduced in FC101 (FIPS) and FC105 (FREA), introducing investigators and prosecutors to emerging issues in financial crime. Topics include money laundering, analyzing large financial data sets, conducting effective interviews, and managing large amounts of financial evidence. This course consists of a mix of lecture, discussion, and hands-on exercises. Students conduct a mock investigation that includes interviews, data analysis, and the examination of various documents.

*Money laundering. Methods of laundering money. Tracing illegal funds. Emerging issues. FinCEN.
*Spreadsheeting skills. Spreadsheet architecture. Formulas and calculations. Pivot tables.
*Working with financial data. Benfords law analysis. Disentangling commingled funds.
*Hands-on experience. Work a mock financial case as part of an investigative team.

CI101 Basic Cyber Investigations: Digital Footprints

This course introduces learners to the concept of digital footprints and best practices in protecting personally identifiable information (PII). Topics include limiting an individuals digital footprint, protecting privacy on social media, and the consequences of oversharing personal information; as well as steps to take after becoming a target of doxing.

*Current landscape. Emerging technology and trends that can aid criminals in the commission of identity theft, credit card theft, child exploitation, and production of counterfeit documents.
*Personally identifiable information (PII). Learn what PII is, why it can threaten individuals safety, and the scams and exploits criminals use to obtain it.
*Minimizing your digital footprint. Learn how and why you should remove PII, and how to find where information may be located. Instructors demonstrate how to secure digital devices and request removal of data from a website.
*Social media. Use security and privacy settings to control the amount of available information on multiple platforms.
*Resources. Identify resources that can help victims of identity theft, doxing, and other related crimes.

FC099 Basic Level Spreadsheeting Skills

This one-day course provides foundational spreadsheeting knowledge and skills to enhance workplace productivity. The course covers basic navigation of Microsoft Excel by combining live demonstrations and hands-on exercises.

Work with multiple worksheets within a workbook
Hide, unhide, and protect worksheets
Adjust rows and columns
Use copy and paste options
Find, select, and sort data

DF100 Basic Digital Forensic Analysis: Seizure

This course introduces the information and techniques law enforcement personnel need to safely and methodically collect and preserve digital evidence at a crime scene. Topics include recognizing potential sources of digital evidence; planning and executing a digital evidence-based seizure; and the preservation, packaging, documentation, and transfer of digital evidence.

*Prepare. Prepare to respond to an incident or crime scene where digital evidence may be present.
*Identify. Learn tow to identify relevant sources of digital evidence in an ever-evolving landscape.
*Collect. Learn the proper methods of digital evidence collection.
*Preserve. Build upon the three previous principles to ensure valid and legal preservation of digital evidence can occur.

CI101 Basic Cyber Investigations: Digital Footprints

This course introduces learners to the concept of digital footprints and best practices in protecting personally identifiable information (PII). Topics include limiting an individuals digital footprint, protecting privacy on social media, and the consequences of oversharing personal information; as well as steps to take after becoming a target of doxing.

*Current landscape. Emerging technology and trends that can aid criminals in the commission of identity theft, credit card theft, child exploitation, and production of counterfeit documents.
*Personally identifiable information (PII). Learn what PII is, why it can threaten individuals safety, and the scams and exploits criminals use to obtain it.
*Minimizing your digital footprint. Learn how and why you should remove PII, and how to find where information may be located. Instructors demonstrate how to secure digital devices and request removal of data from a website.
*Social media. Use security and privacy settings to control the amount of available information on multiple platforms.
*Resources. Identify resources that can help victims of identity theft, doxing, and other related crimes.

DF100 Basic Digital Forensic Analysis: Seizure

This course introduces the information and techniques law enforcement personnel need to safely and methodically collect and preserve digital evidence at a crime scene. Topics include recognizing potential sources of digital evidence; planning and executing a digital evidence-based seizure; and the preservation, packaging, documentation, and transfer of digital evidence.

*Prepare. Prepare to respond to an incident or crime scene where digital evidence may be present.
*Identify. Learn tow to identify relevant sources of digital evidence in an ever-evolving landscape.
*Collect. Learn the proper methods of digital evidence collection.
*Preserve. Build upon the three previous principles to ensure valid and legal preservation of digital evidence can occur.

CI240 Intermediate Cyber Investigations: Virtual Currency

This course provides students with the fundamental knowledge and skills they need to investigate crimes involving virtual currency. Instructors explain foundational concepts like the characteristics of money, virtual currency, and cryptocurrency. Blockchain technology, proof work, and proof of stake are covered; and students learn how industry-leading cryptocurrencies (Bitcoin, Ethereum, and Monero) work and how they differ from each other. Finally, students learn investigative techniques for tracking and documenting transactions; and best practices for seizing and securing cryptocurrency.

*Virtual currency basics. History of money and of virtual currency. Categorizing virtual currency.
*Blockchain. History of the blockchain. Understanding different protocols.
*Cryptocurrencies in detail. Bitcoin, Ethereum, Monero and other privacy coins.
*Investigative techniques. Seizing virtual currency; tracking transactions through the blockchain; documenting investigative results.

CI102 Basic Cyber Investigations: Dark Web & Open Source Intelligence

This course provides expert guidance in the skills law enforcement officers need to conduct successful online investigations. Topics include IP addresses and domains, an overview of currently popular social media platforms, best practices for building an undercover profile, foundational knowledge related to the dark web, and the use of the dark web as an investigative tool. Instructors demonstrate both open-source and commercially-available investigative tools for social engineering, information gathering, and artifacts related to social media; as well as automated utilities to capture information and crawl websites.

*Internet basics. IP address assignment; resolving domains and IP addresses; networking overview.
*Popular sites. Facebook, Twitter, KiK Messenger, Snapchat, Instagram, tumblr, and more.
*The dark web. Surface, deep, and dark web; how data flows through the internet. Who uses the dark web and how?
*Tor. How to access Tor; how Tor traffic works; how a Tor Hidden Service works; installing and configuring the Tor Browser Bundle.

Pages