Juvenile Justice Agencies

DF101 Basic Digital Forensic Analysis: Windows Acquisition

This course provides the fundamental knowledge and skills required to acquire forensic backup images of commonly encountered forms of digital evidence (Microsoft Windows based computers and external storage devices) in a forensically sound manner. Presentations and hands-on practical exercises cover topics on storage media and how data is stored, the forensic acquisition process, tool validation, hardware and software write blockers, forensic backup image formats, and multiple forensic acquisition methods. Students will use third party tools, both free and commercial, that are currently used by practitioners in the field.

FC101 Financial Investigations Practical Skills

This course provides hands-on investigative training at a basic level. Students develop the practical skills, insight, and knowledge necessary to manage a successful financial investigation from start to finish, including the acquisition and examination of financial records, interview skills, and case management and organization. Additional topics include forgery and embezzlement, financial exploitation of the elderly, working with spreadsheets, financial profiling, and state-specific statutes and legal issues.

*Emerging issues. Current trends in various types of financial crimes. Recent cases and their implications.
*Financial records. Learn to obtain and manage bank records, including basic spreadsheeting skills.
*Working with data. Extract leads and draw conclusions from bank records and other financial data.
*Hands-on experience. Work a mock financial case as part of an investigative team.

FC122 Intellectual Property Theft Training

This course introduces the problem of intellectual property theft and provides tools, techniques, and resources for investigating and prosecuting these crimes. A combination of lecture, discussion, and interactive exercises illustrates the potential dangers and economic repercussions of counterfeit products, as well as best practices and techniques for investigating IP theft. Students are provided with a state-specific folder that includes relevant statutes, sample organizational documents for IP investigations, and additional resources for investigators and prosecutors.

This course is presented in collaboration with the National Association of Attorneys General (NAAG).
Awareness. Types of IP crimes. The criminals who commit these crimes. Impacts and dangers.
Investigation. Online and traditional techniques. Working with brand experts and the private sector. Large amounts of evidence. Resources.
Statutes. Prosecutorial theories. State-specific discussion.
Hands-on experience. Work with real counterfeit products. Identify fakes with expert guidance.

DF100 Basic Digital Forensic Analysis: Seizure

This course introduces the information and techniques law enforcement personnel need to safely and methodically collect and preserve digital evidence at a crime scene. Topics include recognizing potential sources of digital evidence; planning and executing a digital evidence-based seizure; and the preservation, packaging, documentation, and transfer of digital evidence.

*Prepare. Prepare to respond to an incident or crime scene where digital evidence may be present.
*Identify. Learn tow to identify relevant sources of digital evidence in an ever-evolving landscape.
*Collect. Learn the proper methods of digital evidence collection.
*Preserve. Build upon the three previous principles to ensure valid and legal preservation of digital evidence can occur.

IA105 Intelligence Writing and Briefing

This course covers basic intelligence writing and briefing principles as well as methods for effective and clear intelligence sharing. Topics covered include creative and critical thinking, critical reading skills, source evaluation, privacy and civil rights, intelligence writing style and structure, and generating and presenting intelligence briefings. With guidance from experienced experts, students gain hands-on experience by working through data sets based on real cases to produce intelligence products. Instructors and peers provide feedback on briefings and reports produced and presented in class.

*Foundational skills. Creative thinking. Critical thinking. Critical reading.
*Information sources. Identify sources of intelligence information. Evaluate sources for validity and reliability.
*Analytical reports. Develop a structured and actionable analytical report based on a data set given in class.
*Privacy considerations. Ensure protection of privacy and civil rights while producing intelligence products.
*Briefings. Construct and deliver an intelligence briefing based on a data set given in class.

IA102 Introduction to Link Analysis

This course introduces analysts to the broader concepts of connecting the dots through link analysis. A critical portion of conducting a successful analytical investigation is the ability to link together and understand the complexities of the connectedness between people and organizations. Introduction to Link Analysis (ILA) expands on the basic principles of link and association analyses explored in the Foundations of Intelligence Analysis Training (FIAT) while building a framework for more advanced methods such as social network analysis.

Expanding basic knowledge of link and association analysis
Explaining the process of social network analysis
Understanding the visual mapping and mathematical components associated with link and social network analyses

DF202 Intermediate Digital Forensic Analysis: Windows File Systems

This course provides students with the fundamental knowledge and skills necessary to perform a limited digital forensic examination, validate hardware and software tools, and effectively use digital forensic suites and specialized tools. The course begins with a detailed study of the digital forensic examination process, including documentation, case management, evidence handling, validation, and virtualization. Students learn to use todays leading commercial and open source digital forensic suites: Magnet Axiom, X-ways Forensic, and Autopsy. Instruction on each suite will include an interface overview, configuration, hashing, file signature analysis, keyword searching, data carving, bookmarking, and report creation.

*Digital forensic process. Evidence review; requests for examination; case management.
*Validation. Creation of validation images; validation testing.
*Effective tool usage. Tool interface; hashing; file signature analysis; data carving; searching; metadata; bookmarking.
*Reporting. General report structure; report templates; using tool-generated reports.

FC204 Combating Transnational Crime & Terrorism Financing

An effective financial investigation can disrupt terrorism organizations and interrupt, deter, or even stop operational terrorism activities before they can begin. In this three-day course, students develop an understanding of how financial systems are used to support terrorism activities and transnational criminal organizations. Students will work with tools and methods to investigate the manipulation of financial, communication, and business systems used for illicit purposes. Students will learn how to work with suspicious activity reports, crucial financial records such as Society for Worldwide Interbank Financial Telecommunications (SWIFT) messaging, and records used in banking and money services businesses. They will also learn how to gather information and evidence on other means of value transfer methods associated with money laundering, the black-market peso and forms of trade-based money laundering, hawala, and other alternate remittance systems, and virtual assets (cryptocurrency).

FC099 Basic Level Spreadsheeting Skills

This one-day course provides foundational spreadsheeting knowledge and skills to enhance workplace productivity. The course covers basic navigation of Microsoft Excel by combining live demonstrations and hands-on exercises.

Work with multiple worksheets within a workbook
Hide, unhide, and protect worksheets
Adjust rows and columns
Use copy and paste options
Find, select, and sort data

IA300 Advanced Criminal Intelligence: Tradecraft and Analysis

This three-day course is dedicated to studying the fundamentals of quantitative and qualitative data analysis and how to formulate arguments in support of criminal investigations and intelligence. Students will learn about data management techniques and a disciplined process to clean and standardize data in preparation for analysis. The course will also explore several common investigative objectives, including the discovery of associations between people and entities, the correlation between unlawful activity and suspects, behavioral affinities, and predictions. The course will introduce the Enterprise Theory of Crime and how to use network analysis to formulate conclusions about the structure of criminal organizations, their players and roles, the identification of facilitators, charting of financial arrangements, and connections to unlawful activity. The course enables the production of valuable, accurate, and efficient logical inferences produced by collecting data related to unlawful activity.

Pages