PSP

DF201 Intermediate Digital Forensic Analysis: Automated Forensic Tools

This course provides students with the fundamental knowledge and skills necessary to perform a limited digital forensic examination, validate hardware and software tools, and effectively use digital forensic suites and specialized tools. The course begins with a detailed study of the digital forensic examination process, including documentation, case management, evidence handling, validation, and virtualization. Students learn to use todays leading commercial and open source digital forensic suites: Magnet Axiom, X-ways Forensic, and Autopsy. Instruction on each suite will include an interface overview, configuration, hashing, file signature analysis, keyword searching, data carving, bookmarking, and report creation.

*Digital forensic process. Evidence review; requests for examination; case management.
*Validation. Creation of validation images; validation testing.
*Effective tool usage. Tool interface; hashing; file signature analysis; data carving; searching; metadata; bookmarking.
*Reporting. General report structure; report templates; using tool-generated reports.

Searching for the Digital Evidence in Your Physical Crime Scene: Part 2

Early identification and recovery of digital evidence are critical for an investigation, and the amount and types of technical evidence have grown exponentially. This webinar will discuss digital "footprints" that can help you during your investigations, regardless of your technical background. We will discuss victim-based, suspect-based, and location-based ways of finding evidence to include innovative ways of seeing a crime scene through different technologies. Remember, even though your suspects device did not "connect" to anything, it likely did leave a trail on the victims device, nearby routers, or may have been collected by tech companies. This webinar is designed for investigators, prosecutors, crime analysts, or those who generally investigate crimes. No high-tech background is needed! Though it is recommended, you do not need to attend part 1 to attend part 2.

NDCAC Resources for Law Enforcement in the Digital Age

The NDCAC is a national center established under the Department of Justice designed to help facilitate technical knowledge management, and to foster the sharing of solutions and know how among law enforcement agencies. Their mission is to strengthen law enforcements relationships with the communications industry, leverage and share the collective technical knowledge and resources of the law enforcement community, and address challenges posed to law enforcement by advanced communications services and technologies. This one-hour webinar will introduce you to the many resources available through the NDCAC to include technical solutions, training, tools, and analytics.

Searching for the Digital Evidence in Your Physical Crime Scene: Part 1

Early identification and recovery of digital evidence are critical for an investigation, and the amount and types of technical evidence have grown exponentially. This webinar will discuss digital "footprints" that can help you during your investigations, regardless of your technical background. We will discuss victim-based, suspect-based, and location-based ways of finding evidence to include innovative ways of seeing a crime scene through different technologies. Remember, even though your suspects device did not "connect" to anything, it likely did leave a trail on the victims device, nearby routers, or may have been collected by tech companies. This webinar is designed for investigators, prosecutors, crime analysts, or those who generally investigate crimes. No high-tech background is needed! Though it is recommended, you do not need to attend part 1 to attend part 2.

The Importance of Social Support and Interpersonal Relationships in Officers' Mental Health

Join Erin Craw as she explains the benefits of social support in mitigating the adverse effects of stress on officers' health and wellbeing. Dr. Craw will also discuss ways to support officers on and off the job. This webinar will also include recommendations and guidance for having difficult conversations with family members.

Did I Do That? An Introduction to Mobile Device Artifact Research and Testing

Have you ever wondered how the forensic tools you use, know what they do? Have you ever wondered what an artifact means and why the 0 indicates a call was missed? Join NW3C High-Tech Crime Specialist Chris Atha as he introduces how to find these answers. Chris will break down the basics of setting up a mobile test device and performing basic differential testing using an iOS device. These steps will be performed using various free and open source tools, which students can use to follow along.

Understanding Different Types of Stressors & Police Officers' Preferences for Support

Join Dr. Erin Craw for a discussion about the different types of stressors police officers experience, the importance of culturally competent support, and the role of communication in addressing the needs of officers. This webinar will also involve conversations about officers' preferences in receiving support from their departments.

The Role of Online Social Media in Predicting and Interdicting Spree Killings: Case Studies and Analysis

Online social media and emerging methods of electronic communication are changing how people communicate and interact with world around them. Increasingly, those contemplating engaging acts of spree violence express themselves in online social media. It is important that investigators, analysts, and those responsible for school, workplace, and public safety understand how this behavior plays a key role in predicting and interdicting the violence. Items of evidentiary value can now often be recovered from online communities. This evidence can provide indicators of planned violence and help to shed light on the thought processes and motivations that led to the tipping point of violence.
The training will explore the interaction between social media and spree violence through a historical examination of case studies ranging in time from 1927 to 2022. Police, prosecutors, probation officers, school and university administrators, and others responsible for workplace and public safety can all benefit from this training.

Prosecuting Professional Fraud: Investigative Case Studies

When the target of an investigation is a professional, like a doctor or lawyer, it can complicate the case. It can be even more complex when the target is pretending to be a professional. During the course of the investigation, you may have to navigate subpoena productions around privileges like the attorney client privilege or HIPPA. We will highlight some of the thorny issues that can arise during these investigations and discuss how certain strategies can positively impact your case by examining several case studies.

DF330 Advanced Digital Forensic Analysis: iOS & Android

This course provides the advanced skills and knowledge necessary to analyze data on iOS devices (iPod Touch, iPhone, and iPad) and Android devices at an advanced level. Students use forensically-sound tools and techniques to analyze potential evidence, employing advanced techniques to uncover evidence potentially missed or misrepresented by commercial forensic tools. Topics include identifying potential threats to data stored on devices, available acquisition options, accessing locked devices, and the default folder structure. Core skills include analyzing artifacts such as device information, call history, voicemail, messages, web browser history, contacts, and photos. Instruction is provided on developing the hunt methodology for analyzing third party applications not supported by commercial forensic tools.

Mobile device hardware fundamentals. How mobile devices work, store data, and interact with a variety of networks.
Device handling. Properly preserving data for imaging and analysis. Identifying potential threats to data integrity.
Device acquisition and security. Acquisition options (physical, logical, device backups). Bypassing passcodes and properly defeating encrypted backups of iOS devices.
Advanced analysis techniques. Mounting images, partitioning scheme and default folder structure, types of artifacts (plists, SQLite databases, etc.).

Pages