Juvenile Justice Agencies

Work-Life Balance: Identifying Ways to Enhance Communication During the Holidays

This webinar will unpack some of the challenges first responder families face during the holiday season. Dr. Craw will share her experiences as the daughter of a police officer, and Elizabeth Strong will discuss her perspectives as a 911 dispatcher. Together, they will provide insight into how families can enhance communication to address concerns about missing time together, feeling detached, and having difficulty transitioning home during the holidays. The speakers will also highlight ways families can avoid adverse outcomes of managing work-life balance, such as guilt, stress, or tension.

Presented by:
Dr. Erin Craw, Ph.D., Director of Research, Lighthouse Health and Wellness
Elizabeth Strong, Wellness and Mental Health Initiatives, NW3C

DF330 Advanced Digital Forensic Analysis: iOS & Android

This course provides the advanced skills and knowledge necessary to analyze data on iOS devices (iPod Touch, iPhone, and iPad) and Android devices at an advanced level. Students use forensically-sound tools and techniques to analyze potential evidence, employing advanced techniques to uncover evidence potentially missed or misrepresented by commercial forensic tools. Topics include identifying potential threats to data stored on devices, available acquisition options, accessing locked devices, and the default folder structure. Core skills include analyzing artifacts such as device information, call history, voicemail, messages, web browser history, contacts, and photos. Instruction is provided on developing the hunt methodology for analyzing third party applications not supported by commercial forensic tools.

Mobile device hardware fundamentals. How mobile devices work, store data, and interact with a variety of networks.
Device handling. Properly preserving data for imaging and analysis. Identifying potential threats to data integrity.
Device acquisition and security. Acquisition options (physical, logical, device backups). Bypassing passcodes and properly defeating encrypted backups of iOS devices.
Advanced analysis techniques. Mounting images, partitioning scheme and default folder structure, types of artifacts (plists, SQLite databases, etc.).

FC200 Intermediate Level Spreadsheeting Skills: Assessing and Organizing Data

This intermediate spreadsheeting course uses Microsoft Excel to assess and organize data in an electronic format. The class is designed for learners who have experience using Excel and who want to increase their spreadsheeting knowledge and skills. Topics include text functions, absolute referencing, date and time functions, flash fill, handling formula errors, VLOOKUP, dynamic arrays, and data validation. The course combines live demonstrations, instructor-led exercises, and independent student exercises.

FC200 Intermediate Level Spreadsheeting Skills: Assessing and Organizing Data

This intermediate spreadsheeting course uses Microsoft Excel to assess and organize data in an electronic format. The class is designed for learners who have experience using Excel and who want to increase their spreadsheeting knowledge and skills. Topics include text functions, absolute referencing, date and time functions, flash fill, handling formula errors, VLOOKUP, dynamic arrays, and data validation. The course combines live demonstrations, instructor-led exercises, and independent student exercises.

FC105 Financial Records Examination and Analysis

This course covers the acquisition, examination, and analysis of many types of financial records, including bank statements and checks, wire transfer records, and business records. Topics include recognizing and investigating common indicators of fraud, using spreadsheets to facilitate analysis and pattern recognition, and financial profiling. There is a strong focus on presenting financial evidence in multiple modalities: spreadsheet data outputs, graphic representations, and written/oral presentations.

*Introduction to analysis. Best practices. Finding patterns. Indicators of fraud. Presenting your findings.
*Financial records. Bank records. Business documents.
*Financial profiling. Methods of profiling. Reasons to create a profile. Creating a profile.
*Hands-on experience. Work a mock financial case as part of an investigative team.

DF201 Intermediate Digital Forensic Analysis: Automated Forensic Tools

This course provides students with the fundamental knowledge and skills necessary to perform a limited digital forensic examination, validate hardware and software tools, and effectively use digital forensic suites and specialized tools. The course begins with a detailed study of the digital forensic examination process, including documentation, case management, evidence handling, validation, and virtualization. Students learn to use todays leading commercial and open source digital forensic suites: Magnet Axiom, X-ways Forensic, and Autopsy. Instruction on each suite will include an interface overview, configuration, hashing, file signature analysis, keyword searching, data carving, bookmarking, and report creation.

*Digital forensic process. Evidence review; requests for examination; case management.
*Validation. Creation of validation images; validation testing.
*Effective tool usage. Tool interface; hashing; file signature analysis; data carving; searching; metadata; bookmarking.
*Reporting. General report structure; report templates; using tool-generated reports.

FC204 Combating Transnational Crime & Terrorism Financing

An effective financial investigation can disrupt terrorism organizations and interrupt, deter, or even stop operational terrorism activities before they can begin. In this three-day course, students develop an understanding of how financial systems are used to support terrorism activities and transnational criminal organizations. Students will work with tools and methods to investigate the manipulation of financial, communication, and business systems used for illicit purposes. Students will learn how to work with suspicious activity reports, crucial financial records such as Society for Worldwide Interbank Financial Telecommunications (SWIFT) messaging, and records used in banking and money services businesses. They will also learn how to gather information and evidence on other means of value transfer methods associated with money laundering, the black-market peso and forms of trade-based money laundering, hawala, and other alternate remittance systems, and virtual assets (cryptocurrency).

FC122 Intellectual Property Theft Training

This course introduces the problem of intellectual property theft and provides tools, techniques, and resources for investigating and prosecuting these crimes. A combination of lecture, discussion, and interactive exercises illustrates the potential dangers and economic repercussions of counterfeit products, as well as best practices and techniques for investigating IP theft. Students are provided with a state-specific folder that includes relevant statutes, sample organizational documents for IP investigations, and additional resources for investigators and prosecutors.

This course is presented in collaboration with the National Association of Attorneys General (NAAG).
Awareness. Types of IP crimes. The criminals who commit these crimes. Impacts and dangers.
Investigation. Online and traditional techniques. Working with brand experts and the private sector. Large amounts of evidence. Resources.
Statutes. Prosecutorial theories. State-specific discussion.
Hands-on experience. Work with real counterfeit products. Identify fakes with expert guidance.

FC201 Financial Records Investigative Skills

This course builds on the concepts introduced in FC101 (FIPS) and FC105 (FREA), introducing investigators and prosecutors to emerging issues in financial crime. Topics include money laundering, analyzing large financial data sets, conducting effective interviews, and managing large amounts of financial evidence. This course consists of a mix of lecture, discussion, and hands-on exercises. Students conduct a mock investigation that includes interviews, data analysis, and the examination of various documents.

*Money laundering. Methods of laundering money. Tracing illegal funds. Emerging issues. FinCEN.
*Spreadsheeting skills. Spreadsheet architecture. Formulas and calculations. Pivot tables.
*Working with financial data. Benfords law analysis. Disentangling commingled funds.
*Hands-on experience. Work a mock financial case as part of an investigative team.

DF205 Intermediate Digital Forensic Analysis: SQLite Primer

Mobile devices dominate the intake list, and the desks of most digital forensics analyst globally. Devices are becoming more secure, with an increase in security the need for detailed analysis is increasing as well. SQLite is a self-contained, serverless database engine. It is found on nearly every operating system and dominates iOS, Android, and macOS as one of the most prevalent and relevant data storage mechanisms. Rather than hope our forensic tools support the newest applications or be tethered to how a certain utility parses data we can arm ourselves with the skills and techniques needed to conquer the analysis of nearly any application.

What is SQLite and how to identify and analyze logically
Recognizing relevant locations of valuable data within SQLite database.
Develop skills needed for crafting custom SQLite queries.
Learn how to recognize and decode a variety of common timestamp formats.
Learn how to perform SQLite analysis with automation.

Pages