Prosecutors

DF100 Basic Digital Forensic Analysis: Seizure

This course introduces the information and techniques law enforcement personnel need to safely and methodically collect and preserve digital evidence at a crime scene. Topics include recognizing potential sources of digital evidence; planning and executing a digital evidence-based seizure; and the preservation, packaging, documentation, and transfer of digital evidence.

*Prepare. Prepare to respond to an incident or crime scene where digital evidence may be present.
*Identify. Learn tow to identify relevant sources of digital evidence in an ever-evolving landscape.
*Collect. Learn the proper methods of digital evidence collection.
*Preserve. Build upon the three previous principles to ensure valid and legal preservation of digital evidence can occur.

DF205 Intermediate Digital Forensic Analysis: SQLite Primer

Mobile devices dominate the intake list, and the desks of most digital forensics analyst globally. Devices are becoming more secure, with an increase in security the need for detailed analysis is increasing as well. SQLite is a self-contained, serverless database engine. It is found on nearly every operating system and dominates iOS, Android, and macOS as one of the most prevalent and relevant data storage mechanisms. Rather than hope our forensic tools support the newest applications or be tethered to how a certain utility parses data we can arm ourselves with the skills and techniques needed to conquer the analysis of nearly any application.

What is SQLite and how to identify and analyze logically
Recognizing relevant locations of valuable data within SQLite database.
Develop skills needed for crafting custom SQLite queries.
Learn how to recognize and decode a variety of common timestamp formats.
Learn how to perform SQLite analysis with automation.

Intelligence Analysis: Asked and Answered

Join a team of experts from NW3C as they provide thoughtful and detailed answers to the intelligence analysis questions you submit. Submit questions regarding intelligence analysis skills, information collection, or general comments of analytic tradecraft and a panel of NW3C experts will provide answers during this live session.

FC105 Financial Records Examination and Analysis

This course covers the acquisition, examination, and analysis of many types of financial records, including bank statements and checks, wire transfer records, and business records. Topics include recognizing and investigating common indicators of fraud, using spreadsheets to facilitate analysis and pattern recognition, and financial profiling. There is a strong focus on presenting financial evidence in multiple modalities: spreadsheet data outputs, graphic representations, and written/oral presentations.

*Introduction to analysis. Best practices. Finding patterns. Indicators of fraud. Presenting your findings.
*Financial records. Bank records. Business documents.
*Financial profiling. Methods of profiling. Reasons to create a profile. Creating a profile.
*Hands-on experience. Work a mock financial case as part of an investigative team.

FC105 Financial Records Examination and Analysis

This course covers the acquisition, examination, and analysis of many types of financial records, including bank statements and checks, wire transfer records, and business records. Topics include recognizing and investigating common indicators of fraud, using spreadsheets to facilitate analysis and pattern recognition, and financial profiling. There is a strong focus on presenting financial evidence in multiple modalities: spreadsheet data outputs, graphic representations, and written/oral presentations.

*Introduction to analysis. Best practices. Finding patterns. Indicators of fraud. Presenting your findings.
*Financial records. Bank records. Business documents.
*Financial profiling. Methods of profiling. Reasons to create a profile. Creating a profile.
*Hands-on experience. Work a mock financial case as part of an investigative team.

CI101 Basic Cyber Investigations: Digital Footprints

This course introduces learners to the concept of digital footprints and best practices in protecting personally identifiable information (PII). Topics include limiting an individuals digital footprint, protecting privacy on social media, and the consequences of oversharing personal information; as well as steps to take after becoming a target of doxing.

*Current landscape. Emerging technology and trends that can aid criminals in the commission of identity theft, credit card theft, child exploitation, and production of counterfeit documents.
*Personally identifiable information (PII). Learn what PII is, why it can threaten individuals safety, and the scams and exploits criminals use to obtain it.
*Minimizing your digital footprint. Learn how and why you should remove PII, and how to find where information may be located. Instructors demonstrate how to secure digital devices and request removal of data from a website.
*Social media. Use security and privacy settings to control the amount of available information on multiple platforms.
*Resources. Identify resources that can help victims of identity theft, doxing, and other related crimes.

CI240 Intermediate Cyber Investigations: Virtual Currency

This course provides students with the fundamental knowledge and skills they need to investigate crimes involving virtual currency. Instructors explain foundational concepts like the characteristics of money, virtual currency, and cryptocurrency. Blockchain technology, proof work, and proof of stake are covered; and students learn how industry-leading cryptocurrencies (Bitcoin, Ethereum, and Monero) work and how they differ from each other. Finally, students learn investigative techniques for tracking and documenting transactions; and best practices for seizing and securing cryptocurrency.

*Virtual currency basics. History of money and of virtual currency. Categorizing virtual currency.
*Blockchain. History of the blockchain. Understanding different protocols.
*Cryptocurrencies in detail. Bitcoin, Ethereum, Monero and other privacy coins.
*Investigative techniques. Seizing virtual currency; tracking transactions through the blockchain; documenting investigative results.

IA101 Foundations of Intelligence Analysis Training

This course addresses the critical need for well-trained intelligence analysts to interpret growing amounts of information. Topics include the intelligence cycle, analytical thinking skills, the importance of strategic analysis, communication and social media analysis, recommendation development, and legal and ethical issues. Students work hands-on with specialized software to synthesize information and develop various products of intelligence. The course was developed by a consortium that included NW3C, Law Enforcement Intelligence Units (LEIU), the International Association of Law Enforcement Intelligence Analysis (IALEIA), and the Regional Information Sharing System (RISS).

*Analysis basics. History and purpose of intelligence analysis. Legal issues and ethics. Sources of information. The intelligence cycle.
*Types of analysis. Crime patterns. Associations. Flow. Communications. Financial analysis.
*Creative and critical thinking. Brainstorming. Mind mapping. Steps to critical thinking.
*Deterring crime. Strategic analysis as a tool for law enforcement personnel.
*Hands-on experience. Work as part of a team to analyze information pertaining to several hypothetical cases.

IA300 Advanced Criminal Intelligence: Tradecraft and Analysis

This three-day course is dedicated to studying the fundamentals of quantitative and qualitative data analysis and how to formulate arguments in support of criminal investigations and intelligence. Students will learn about data management techniques and a disciplined process to clean and standardize data in preparation for analysis. The course will also explore several common investigative objectives, including the discovery of associations between people and entities, the correlation between unlawful activity and suspects, behavioral affinities, and predictions. The course will introduce the Enterprise Theory of Crime and how to use network analysis to formulate conclusions about the structure of criminal organizations, their players and roles, the identification of facilitators, charting of financial arrangements, and connections to unlawful activity. The course enables the production of valuable, accurate, and efficient logical inferences produced by collecting data related to unlawful activity.

FC101 Financial Investigations Practical Skills

This course provides hands-on investigative training at a basic level. Students develop the practical skills, insight, and knowledge necessary to manage a successful financial investigation from start to finish, including the acquisition and examination of financial records, interview skills, and case management and organization. Additional topics include forgery and embezzlement, financial exploitation of the elderly, working with spreadsheets, financial profiling, and state-specific statutes and legal issues.

*Emerging issues. Current trends in various types of financial crimes. Recent cases and their implications.
*Financial records. Learn to obtain and manage bank records, including basic spreadsheeting skills.
*Working with data. Extract leads and draw conclusions from bank records and other financial data.
*Hands-on experience. Work a mock financial case as part of an investigative team.

Pages