Prosecutors

FC102 Financial Investigations Triage (Dec. 2019, Arizona)

This course provides an overview of the actions investigators can take at the outset of a financial crime investigation. Students learn to ask critical questions, gather documentation, and analyze information for leads. Topics include obtaining and working with financial records, red flags in financial cases, money laundering, investigative strategies for different types of financial crimes, and commingled funds.

CI240 Intermediate Cyber Investigations: Virtual Currency (Dec. 2019, New Mexico)

This course provides students with the fundamental knowledge and skills they need to investigate crimes involving virtual currency. Instructors explain foundational concepts like the characteristics of money, virtual currency, and cryptocurrency. Blockchain technology, proof work, and proof of stake are covered, and students learn how industry-leading cryptocurrencies (Bitcoin, Ethereum, and Monero) work and how they differ from each other. Finally, students learn investigative techniques for tracking and documenting transactions and best practices for seizing and securing cryptocurrency.

DF201 Intermediate Digital Forensic Analysis: Automated Forensic Tools (Dec. 2019, Virginia)

This course provides students with the fundamental knowledge and skills necessary to perform a limited digital forensic examination, validate hardware and software tools, and effectively use digital forensic suites and specialized tools. The course begins with a detailed review of the digital forensic examination process, including documentation, case management, evidence handling, validation, and virtualization. Students learn to use today's leading commercial and open source digital forensic suites: Magnet Axiom, X-ways Forensic, and Autopsy. Instruction on each suite will include an interface overview, configuration, hashing, file signature analysis, keyword searching, data carving, bookmarking, and report creation.

FC122 Intellectual Property Theft Training (Nov. 2019, Tennessee)

This course introduces the problem of intellectual property (IP) theft and provides tools, techniques, and resources for investigating and prosecuting these crimes. A combination of lecture, discussion, and interactive exercises illustrates the potential dangers and economic repercussions of counterfeit products, as well as best practices and techniques for investigating IP theft. Students are provided with a state-specific workbook that includes relevant statutes, sample organizational documents for IP investigations, and additional resources for investigators and prosecutors.

This course is presented in collaboration with the National Association of Attorneys General.

DF101 Basic Digital Forensic Analysis (Nov. 2019, Idaho)

This course provides the fundamental knowledge and skills required to preview and acquire images from Windows-based and macOS-based computers, mobile devices, and removable storage media in a forensically sound manner.

Presentations and hands-on practical exercises cover topics including

  • Storage media and how data is stored;
  • Firmware interfaces (BIOS, UEFI);
  • The previewing process;
  • Live and dead-box previewing;
  • The forensic acquisition process;
  • Tool validation;
  • Hardware and software write blockers;
  • Forensic image formats; and
  • Multiple forensic acquisition methods.

Students will use free and commercial third-party tools that are currently used by practitioners in the field.

CI102 Basic Cyber Investigations: Dark Web & Open Source Intelligence (Nov. 2019, Louisiana)

This course provides expert guidance in the skills law enforcement officers need to conduct successful online investigations. Topics include IP addresses and domains, an overview of currently popular social media platforms, best practices for building an undercover profile, foundational knowledge related to the dark web, and the use of the dark web as an investigative tool. Instructors demonstrate both open source and commercially available investigative tools for social engineering, information gathering, and artifacts related to social media, as well as automated utilities to capture information and crawl websites. 

DF320 Advanced Digital Forensic Analysis: macOS (Nov. 2019, New Hampshire)

This course teaches students to identify and collect volatile data, acquire forensically sound images of Apple Macintosh computers, and perform forensic analysis of macOS operating system and application artifacts. Students gain hands-on experience scripting and using automated tools to conduct a simulated live triage, and use multiple methods to acquire forensically sound images of Apple Macintosh computers. Topics include how the macOS default file system stores data, what happens when files are sent to the macOS Trash, where operating system and application artifacts are stored, and how they can be analyzed. Forensic artifacts covered include password recovery, recently opened files and applications, encryption handling, Mail, Safari, Messages, FaceTime, Photos, Chrome, and Firefox.

CI102 Basic Cyber Investigations: Dark Web & Open Source Intelligence (Nov. 2019, Tennessee)

This course provides expert guidance in the skills law enforcement officers need to conduct successful online investigations. Topics include IP addresses and domains, an overview of currently popular social media platforms, best practices for building an undercover profile, foundational knowledge related to the dark web, and the use of the dark web as an investigative tool. Instructors demonstrate both open source and commercially available investigative tools for social engineering, information gathering, and artifacts related to social media, as well as automated utilities to capture information and crawl websites.

CI240 Intermediate Cyber Investigations: Virtual Currency (Nov. 2019, Tennessee)

This course provides students with the fundamental knowledge and skills they need to investigate crimes involving virtual currency. Instructors explain foundational concepts like the characteristics of money, virtual currency, and cryptocurrency. Blockchain technology, proof work, and proof of stake are covered, and students learn how industry-leading cryptocurrencies (Bitcoin, Ethereum, and Monero) work and how they differ from each other. Finally, students learn investigative techniques for tracking and documenting transactions and best practices for seizing and securing cryptocurrency.

CI130 Basic Cyber Investigations: Cellular Records Analysis (Nov. 2019, Louisiana)

This course is for officers, investigators, and analysts who encounter cell phone evidence that includes information external to the phone. Class concepts include instruction on how to request, read, and analyze call detail records from cellular providers, and how to plot cellular site locations to determine the approximate position of a suspect during a given period. No special hardware or software is required. However, this course focuses heavily on analysis; as such, a strong working knowledge of Microsoft Excel is highly recommended. Students are provided with a free copy of the National White Collar Crime Center's (NW3C) PerpHound tool, which assists in the plotting of call detail record locations.

Pages