Training

FC 105 - Financial Records Examination and Analysis (July 2018)

This course covers the acquisition, examination, and analysis of many types of financial records, including bank statements and checks, wire transfer records, and business records. Topics include recognizing and investigating common indicators of fraud, using spreadsheets to facilitate analysis and pattern recognition, and financial profiling. There is a strong focus on presenting financial evidence in multiple modalities: spreadsheet data outputs, graphic representations, and written/oral presentations.

Course structure:

CI 201 - Social Media & Open Source Intelligence (July 26 2018)

This course covers the skills investigators need to conduct successful online investigations involving social media. Topics include internet basics such as IP addresses and domains, an overview of currently popular social media platforms, and best practices for building an online undercover profile. Instructors demonstrate both open-source and commercially available investigative tools for social engineering, information gathering, and artifacts related to social media, as well as automated utilities to capture information and crawl websites.

Course structure:

CC 201 - Digital Evidence Examination and Processing (July 2018)

This course builds on the concepts introduced in "Cybercop 101 - Basic Digital Forensic Imaging." It covers the architecture and functionality of the Windows NT File System, the FAT and the ExFAT File System, and related directory entry information for locating files on electronic devices. Topical areas include file headers and file hashing, recovery of deleted files and long file names, and techniques for discovering potential evidence that might otherwise be overlooked.

CC 201 - Digital Evidence Examination and Processing (July - Aug 2018)

This course builds on the concepts introduced in "Cybercop 101 - Basic Digital Forensic Imaging." It covers the architecture and functionality of the Windows NT File System, the FAT and the ExFAT File System, and related directory entry information for locating files on electronic devices. Topical areas include file headers and file hashing, recovery of deleted files and long file names, and techniques for discovering potential evidence that might otherwise be overlooked.

CI 101 - Secure Techniques for Onsite Previewing (July 2018)

This course covers the usage and configuration of two tools (Paladin/Autopsy and osTriage) designed to preview a non-mobile digital device and export files of evidentiary value. Day One is designed to preview a non-mobile digital device and export files of evidentiary value from a device that is powered on. Day Two is designed to preview a non-mobile digital device and export files of evidentiary value from a device that is powered off.

CS 235 - Basic Network Intrusion Investigations (July - Aug 2018)

This course covers the skills and techniques involved in responding to a network security incident. The course focuses on the identification, extraction, and detailed examination of artifacts associated with network and intrusions. Memory analysis, host machine forensics, network traffic and log analysis, malware analysis, and virtual machine sandboxing are covered through lecture, discussion, and hands-on exercises. Additional topics include key cybersecurity concepts and issues, as well as the various classifications and types of network attacks.

FC 101 - Financial Investigations Practical Skills (Aug 2018)

This course provides hands-on investigative training at a basic level. Students develop the practical skills, insight, and knowledge necessary to manage a successful financial investigation from start to finish, including the acquisition and examination of financial records, interview skills, and case management and organization. Additional topics include forgery and embezzlement, financial exploitation of the elderly, working with spreadsheets, financial profiling, and state-specific statutes and legal issues.

Course structure:

CI 101 - Secure Techniques for Onsite Previewing (Aug 2018)

This course covers the usage and configuration of two tools (Paladin/Autopsy and osTriage) designed to preview a non-mobile digital device and export files of evidentiary value. Day One is designed to preview a non-mobile digital device and export files of evidentiary value from a device that is powered on. Day Two is designed to preview a non-mobile digital device and export files of evidentiary value from a device that is powered off.

CC 101 - Basic Digital Forensic Imaging (Aug 2018)

This course covers the fundamentals of computer operations, hardware function, configuration, and best practices for the protection, preservation, and imaging of digital evidence. Presentations and hands-on exercises cover topics such as partitioning, data storage, hardware and software write blockers, the boot-up and shutdown processes, live imaging, encryption detection, and duplicate imaging. This course incorporates computer forensic applications that experienced practitioners are currently using in the field.

Course structure:

CC 201 - Digital Evidence Examination and Processing (Aug 2018)

This course builds on the concepts introduced in "Cybercop 101 - Basic Digital Forensic Imaging." It covers the architecture and functionality of the Windows NT File System, the FAT and the ExFAT File System, and related directory entry information for locating files on electronic devices. Topical areas include file headers and file hashing, recovery of deleted files and long file names, and techniques for discovering potential evidence that might otherwise be overlooked.

Pages