Tribal Justice Agencies

    CI101 Basic Cyber Investigations: Digital Footprints

    This course introduces learners to the concept of digital footprints and best practices in protecting personally identifiable information (PII). Topics include limiting an individuals digital footprint, protecting privacy on social media, and the consequences of oversharing personal information; as well as steps to take after becoming a target of doxing.

    *Current landscape. Emerging technology and trends that can aid criminals in the commission of identity theft, credit card theft, child exploitation, and production of counterfeit documents.
    *Personally identifiable information (PII). Learn what PII is, why it can threaten individuals safety, and the scams and exploits criminals use to obtain it.
    *Minimizing your digital footprint. Learn how and why you should remove PII, and how to find where information may be located. Instructors demonstrate how to secure digital devices and request removal of data from a website.
    *Social media. Use security and privacy settings to control the amount of available information on multiple platforms.
    *Resources. Identify resources that can help victims of identity theft, doxing, and other related crimes.

    CI101 Basic Cyber Investigations: Digital Footprints

    This course introduces learners to the concept of digital footprints and best practices in protecting personally identifiable information (PII). Topics include limiting an individuals digital footprint, protecting privacy on social media, and the consequences of oversharing personal information; as well as steps to take after becoming a target of doxing.

    *Current landscape. Emerging technology and trends that can aid criminals in the commission of identity theft, credit card theft, child exploitation, and production of counterfeit documents.
    *Personally identifiable information (PII). Learn what PII is, why it can threaten individuals safety, and the scams and exploits criminals use to obtain it.
    *Minimizing your digital footprint. Learn how and why you should remove PII, and how to find where information may be located. Instructors demonstrate how to secure digital devices and request removal of data from a website.
    *Social media. Use security and privacy settings to control the amount of available information on multiple platforms.
    *Resources. Identify resources that can help victims of identity theft, doxing, and other related crimes.

    IA102 Introduction to Link Analysis

    This course introduces analysts to the broader concepts of connecting the dots through link analysis. A critical portion of conducting a successful analytical investigation is the ability to link together and understand the complexities of the connectedness between people and organizations. Introduction to Link Analysis (ILA) expands on the basic principles of link and association analyses explored in the Foundations of Intelligence Analysis Training (FIAT) while building a framework for more advanced methods such as social network analysis.

    Expanding basic knowledge of link and association analysis
    Explaining the process of social network analysis
    Understanding the visual mapping and mathematical components associated with link and social network analyses

    DF100 Basic Digital Forensic Analysis: Seizure

    This course introduces the information and techniques law enforcement personnel need to safely and methodically collect and preserve digital evidence at a crime scene. Topics include recognizing potential sources of digital evidence; planning and executing a digital evidence-based seizure; and the preservation, packaging, documentation, and transfer of digital evidence.

    *Prepare. Prepare to respond to an incident or crime scene where digital evidence may be present.
    *Identify. Learn tow to identify relevant sources of digital evidence in an ever-evolving landscape.
    *Collect. Learn the proper methods of digital evidence collection.
    *Preserve. Build upon the three previous principles to ensure valid and legal preservation of digital evidence can occur.

    CI102 Basic Cyber Investigations: Dark Web & Open Source Intelligence

    This course provides expert guidance in the skills law enforcement officers need to conduct successful online investigations. Topics include IP addresses and domains, an overview of currently popular social media platforms, best practices for building an undercover profile, foundational knowledge related to the dark web, and the use of the dark web as an investigative tool. Instructors demonstrate both open-source and commercially-available investigative tools for social engineering, information gathering, and artifacts related to social media; as well as automated utilities to capture information and crawl websites.

    *Internet basics. IP address assignment; resolving domains and IP addresses; networking overview.
    *Popular sites. Facebook, Twitter, KiK Messenger, Snapchat, Instagram, tumblr, and more.
    *The dark web. Surface, deep, and dark web; how data flows through the internet. Who uses the dark web and how?
    *Tor. How to access Tor; how Tor traffic works; how a Tor Hidden Service works; installing and configuring the Tor Browser Bundle.

    DF320 Advanced Digital Forensic Analysis: macOS

    This course prepares students to identify various artifacts typically located in property lists and SQLite databases on MacOS-based computers, as well as learn how to perform forensic analysis. Students gain hands-on practical experience writing basic SQL queries and using to analyze operating system artifacts that includes, but is not limited to, user login passwords, FaceTime, messages, mail, contacts, calendars, reminders, notes, photos, Safari, Google Chrome, and Mozilla Firefox.

    FC105 Financial Records Examination and Analysis

    This course covers the acquisition, examination, and analysis of many types of financial records, including bank statements and checks, wire transfer records, and business records. Topics include recognizing and investigating common indicators of fraud, using spreadsheets to facilitate analysis and pattern recognition, and financial profiling. There is a strong focus on presenting financial evidence in multiple modalities: spreadsheet data outputs, graphic representations, and written/oral presentations.

    *Introduction to analysis. Best practices. Finding patterns. Indicators of fraud. Presenting your findings.
    *Financial records. Bank records. Business documents.
    *Financial profiling. Methods of profiling. Reasons to create a profile. Creating a profile.
    *Hands-on experience. Work a mock financial case as part of an investigative team.

    IA101 Foundations of Intelligence Analysis Training

    This course addresses the critical need for well-trained intelligence analysts to interpret growing amounts of information. Topics include the intelligence cycle, analytical thinking skills, the importance of strategic analysis, communication and social media analysis, recommendation development, and legal and ethical issues. Students work hands-on with specialized software to synthesize information and develop various products of intelligence. The course was developed by a consortium that included NW3C, Law Enforcement Intelligence Units (LEIU), the International Association of Law Enforcement Intelligence Analysis (IALEIA), and the Regional Information Sharing System (RISS).

    *Analysis basics. History and purpose of intelligence analysis. Legal issues and ethics. Sources of information. The intelligence cycle.
    *Types of analysis. Crime patterns. Associations. Flow. Communications. Financial analysis.
    *Creative and critical thinking. Brainstorming. Mind mapping. Steps to critical thinking.
    *Deterring crime. Strategic analysis as a tool for law enforcement personnel.
    *Hands-on experience. Work as part of a team to analyze information pertaining to several hypothetical cases.

    DF330 Advanced Digital Forensic Analysis: iOS & Android

    This course provides the advanced skills and knowledge necessary to analyze data on iOS devices (iPod Touch, iPhone, and iPad) and Android devices at an advanced level. Students use forensically-sound tools and techniques to analyze potential evidence, employing advanced techniques to uncover evidence potentially missed or misrepresented by commercial forensic tools. Topics include identifying potential threats to data stored on devices, available acquisition options, accessing locked devices, and the default folder structure. Core skills include analyzing artifacts such as device information, call history, voicemail, messages, web browser history, contacts, and photos. Instruction is provided on developing the hunt methodology for analyzing third party applications not supported by commercial forensic tools.

    Mobile device hardware fundamentals. How mobile devices work, store data, and interact with a variety of networks.
    Device handling. Properly preserving data for imaging and analysis. Identifying potential threats to data integrity.
    Device acquisition and security. Acquisition options (physical, logical, device backups). Bypassing passcodes and properly defeating encrypted backups of iOS devices.
    Advanced analysis techniques. Mounting images, partitioning scheme and default folder structure, types of artifacts (plists, SQLite databases, etc.).

    Pages