Justice Information Sharing

Cyber Investigation 152 - Search Warrants & Digital Evidence Web-based (Nov 2017)

This course provides information on obtaining and executing search warrants in cases involving digital evidence, with a focus on the similarities and differences between these and other search warrants. The course covers:

Cyber Investigation 152 - Search Warrants & Digital Evidence Web-based (Oct 2017)

This course provides information on obtaining and executing search warrants in cases involving digital evidence, with a focus on the similarities and differences between these and other search warrants. The course covers:

Cybercop 350 Mobile Device Forensic Analysis (June 2018)

The "Cybercop (CC) 350 - Mobile Device Forensic Analysis" (MDFA) course provides the fundamental knowledge and skills necessary to preserve, acquire, and analyze data on iOS devices (iPod Touch, iPhone, and iPad), as well as various Android devices. Students use forensically sound tools and techniques to acquire and analyze potential evidence. Topics include identifying potential threats to data stored on devices, available imaging options, accessing locked devices, and the default folder structure.

Cybercop 325 - Macintosh Forensic Analysis

The "Cybercop (CC) 325 - Macintosh Forensics Analysis" (MFA) course provides the fundamental knowledge and skills necessary to identify and collect volatile data, acquire forensically-sound images of Apple Macintosh computers, and perform forensic analysis of the macOS operating system and application artifacts. Students gain hands-on experience scripting and using automated tools to conduct a simulated live triage. Students will use multiple methods to acquire forensically-sound images of Apple Macintosh computers and identify unique challenges that this task may present.

Cybercop 315 Windows Artifacts - WinArt

The "Cybercop (CC) 315 Windows Artifacts - WinArt" (WinArt) course covers the identification and extraction of artifacts associated with the current versions of Microsoft Windows operating systems (Vista through Windows 10) and the New Technology file system. Topics include the change journal, BitLocker, and a detailed examination of the various artifacts found in each of the registry hive files. Students examine event logs, volume shadow copies, link files, and thumbnails. This course uses a mixture of lecture, discussion, demonstration, and hands-on exercises.

Cyber Investigation 156 - Post Seizure Evidentiary Concerns - LC6 WB

In contrast to the other LCDE modules, which deal primarily with the acquisition of digital evidence, LC6-WB addresses legal issues that appear relatively late in the investigative and judicial process. Topics include the Fifth Amendment as it applies to passwords and login credentials, determining the ownership of files on digital devices, and the admissibility of online evidence.

LC6-WB is the sixth of seven modules in the training series Legal Concerns for Digital Evidence Responders. It can be completed as a stand-alone course or in combination with the other six modules.

Cyber Investigation 101 - Secure Techniques for Onsite Preview (Jan 2018)

The "Cyber Investigation (CI) - Secure Techniques for Onsite Preview" course covers the usage and configuration of two tools (Paladin/Autopsy and osTriage) designed to preview a non-mobile digital device and export files of evidentiary value. DAY ONE is designed to preview a non-mobile digital device and export files of evidentiary value from a device that is powered on. DAY TWO is designed to preview a non-mobile digital device and export files of evidentiary value from a device that is powered off.

Cyber Investigation 157 - Mobile Digital Devices & GPS Web-based (Oct 2017)

"Cyber Investigation 157 - Mobile Digital Devices & GPS" (LC7-WB) addresses the legal issues surrounding mobile digital devices, including cell phones and GPS devices. Topics include seizing and searching mobile devices, the process of obtaining both historical and current location information from cellular service providers, and the legal process needed to install a GPS unit on a suspect’s vehicle. LC7-WB is the seventh of seven modules in the training series Legal Concerns for Digital Evidence Responders.

Cybercop 350 Mobile Device Forensic Analysis (Oct 2017)

The "Cybercop (CC) 350 - Mobile Device Forensic Analysis" (MDFA) course provides the fundamental knowledge and skills necessary to preserve, acquire, and analyze data on iOS devices (iPod Touch, iPhone, and iPad), as well as various Android devices. Students use forensically sound tools and techniques to acquire and analyze potential evidence. Topics include identifying potential threats to data stored on devices, available imaging options, accessing locked devices, and the default folder structure.

Cyber Investigation 201 - Social Media & Open Source Investigations SMOSI

The "Cyber Investigations 201 - Social Media & Open Source Investigations" (SMOSI) course covers the skills investigators need to conduct successful online investigations involving social media. Topics include internet basics, such as IP addresses and domains; an overview of currently popular social media platforms; and best practices for building an online undercover profile.

Pages