Judges

CI130 Basic Cyber Investigations: Cellular Records Analysis (May 12–13, 2021, Virtual)

This course is for officers, investigators, and analysts who encounter cell phone evidence that includes information external to the phone. Class concepts include instruction on how to request, read, and analyze call detail records from cellular providers, and how to plot cellular site locations to determine the approximate position of a suspect during a given period. No special hardware or software is required. However, this course focuses heavily on analysis; as such, a strong working knowledge of Microsoft Excel is highly recommended. Students are provided with a free copy of the National White Collar Crime Center's (NW3C) PerpHound tool, which assists in the plotting of call detail record locations.

CI130 Basic Cyber Investigations: Cellular Records Analysis (May 25–26, 2021, Virtual)

This course is for officers, investigators, and analysts who encounter cell phone evidence that includes information external to the phone. Class concepts include instruction on how to request, read, and analyze call detail records from cellular providers, and how to plot cellular site locations to determine the approximate position of a suspect during a given period. No special hardware or software is required. However, this course focuses heavily on analysis; as such, a strong working knowledge of Microsoft Excel is highly recommended. Students are provided with a free copy of the National White Collar Crime Center's (NW3C) PerpHound tool, which assists in the plotting of call detail record locations.

Webinar - Emmett Till Cold Case Investigations and Training and Technical Assistance Program

Hosted by the Bureau of Justice Assistance (BJA), this webinar will provide details and guidance for potential applicants to BJA’s Emmett Till Cold Case Investigations and Training and Technical Assistance Program solicitation. This program supports efforts of state, local and tribal law enforcement and prosecutors and their partner to investigate, prosecute and resolve and support those impacted by unsolved homicides involving civil rights violations that occurred prior to December 31, 1979. This year, BJA added a category for national training and technical assistance. The presen

DF310 Advanced Digital Forensic Analysis: Windows (Apr. 6–9, 2021, Virtual)

This course covers the identification and extraction of artifacts associated with the Microsoft Windows operating system. Topics include the Change Journal, BitLocker, and a detailed examination of the various artifacts found in each of the Registry hive files. Students also examine Event Logs, Volume Shadow Copies, link files, and thumbnails. This course uses a mixture of lecture, discussion, demonstration, and hands-on exercises.

DF100 Basic Digital Forensic Analysis: Seizure (Apr. 6, 2021)

This course introduces the information and techniques law enforcement personnel need to safely and methodically collect and preserve digital evidence at a crime scene. Topics include recognizing potential sources of digital evidence; planning and executing a digital evidence-based seizure; and the preservation, packaging, documentation, and transfer of digital evidence.

DF330 Advanced Digital Forensic Analysis: iOS & Android (Apr. 19–22, 2021, Virtual)

This course provides the advanced skills and knowledge necessary to analyze data on iOS devices (iPod Touch, iPhone, and iPad) and Android devices at an advanced level. Students use forensically sound tools and techniques to analyze potential evidence, employing advanced techniques to uncover evidence potentially missed or misrepresented by commercial forensic tools. Topics include identifying potential threats to data stored on devices, using available acquisition options, accessing locked devices, and understanding the default folder structure. Core skills include analyzing artifacts such as device information, call history, voicemail, messages, web browser history, contacts, and photos. Instruction is provided on developing the "hunt" methodology for analyzing third-party applications not supported by commercial forensic tools.

CI240 Intermediate Cyber Investigations: Virtual Currency (Apr. 22–23, 2021, Virtual)

This course provides students with the fundamental knowledge and skills they need to investigate crimes involving virtual currency. Instructors explain foundational concepts like the characteristics of money, virtual currency, and cryptocurrency. Blockchain technology, proof work, and proof of stake are covered, and students learn how industry-leading cryptocurrencies (Bitcoin, Ethereum, and Monero) work and how they differ from each other. Finally, students learn investigative techniques for tracking and documenting transactions and best practices for seizing and securing cryptocurrency.

DF205 Intermediate Digital Forensic Analysis: SQLite Primer (Apr. 27, 2021, Virtual)

Mobile devices dominate the intake list and the desks of most digital forensics analysts globally. Devices are becoming more secure, with an increase in security; the need for detailed analysis is increasing as well. SQLite is a self-contained, serverless database engine. It is found on nearly every operating system and dominates iOS, Android, and macOS as one of the most prevalent and relevant data storage mechanisms. Rather than hope our forensic tools support the newest applications or be tethered to how a certain utility parses data, we can arm ourselves with the skills and techniques needed to conquer the analysis of nearly any application.

CI103 Basic Cyber Investigations: Advertising Identifiers (Apr. 29, 2021)

This one-day course, focused on device location information, is for law enforcement investigators and analysts. Class concepts include device identifiers (IDs) in general, advertising IDs in detail, important legal considerations, overall investigative process, and tools available to law enforcement. Students will use commercially available investigative tools for querying databases of Advertising IDs and displaying their recorded broadcast locations.

DF205 Intermediate Digital Forensic Analysis: SQLite Primer (May 6, 2021, Virtual)

Mobile devices dominate the intake list and the desks of most digital forensics analysts globally. Devices are becoming more secure, with an increase in security; the need for detailed analysis is increasing as well. SQLite is a self-contained, serverless database engine. It is found on nearly every operating system and dominates iOS, Android, and macOS as one of the most prevalent and relevant data storage mechanisms. Rather than hope our forensic tools support the newest applications or be tethered to how a certain utility parses data, we can arm ourselves with the skills and techniques needed to conquer the analysis of nearly any application.

Pages