Training

    Case Supervision Practices

    Over the last 20 years, supervision practices in the field of probation have significantly changed in the attempt to assist in positive behavior change in probationers. The field now knows that attempting to catch people doing the “right” thing is as important as holding them accountable for incidents where they are doing the “wrong” things. How does one do this? There are many evidence-based practices to efficiently supervise probationers in order to accomplish both goals.

    CC 101 - Basic Digital Forensic Imaging

    This course covers the fundamentals of computer operations, hardware function, configuration, and best practices for the protection, preservation, and imaging of digital evidence. Presentations and hands-on exercises cover topics such as partitioning, data storage, hardware and software write blockers, the boot-up and shutdown processes, live imaging, encryption detection, and duplicate imaging. This course incorporates computer forensic applications that experienced practitioners are currently using in the field.

    Course structure:

    CC 101 - Basic Digital Forensic Imaging

    This course covers the fundamentals of computer operations, hardware function, configuration, and best practices for the protection, preservation, and imaging of digital evidence. Presentations and hands-on exercises cover topics such as partitioning, data storage, hardware and software write blockers, the boot-up and shutdown processes, live imaging, encryption detection, and duplicate imaging. This course incorporates computer forensic applications that experienced practitioners are currently using in the field.

    Course structure:

    CI 101 - Secure Techniques for Onsite Previewing

    The "Cyber Investigation (CI) 101 - Secure Techniques for Onsite Previewing" course covers the usage and configuration of two tools (Paladin/Autopsy and osTriage) designed to preview a non-mobile digital device and export files of evidentiary value. Day One is designed to preview a non-mobile digital device and export files of evidentiary value from a device that is powered on. Day Two is designed to preview a non-mobile digital device and export files of evidentiary value from a device that is powered off.

    FC 201 - Financial Records Investigative Skills (June 2018)

    The "Financial Crime (FC) 201 - Financial Records Investigative Skills" (FRIS) course builds on the concepts introduced in "FC 101 - Financial Investigations Practical Skills" and "FC 105 - Financial Records Examination and Analysis," introducing investigators and prosecutors to emerging issues in financial crime. Topics include understanding money laundering, analyzing large financial data sets, conducting effective interviews, and managing large amounts of financial evidence. This course consists of a mix of lecture, discussion, and hands-on exercises.

    CC 201 - Digital Evidence Examination and Processing (June 2018)

    This course builds on the concepts introduced in "Cybercop (CC) 101 - Basic Digital Forensic Imaging" (BDFI). It covers the architecture and functionality of the Windows NT File System, the FAT and the ExFAT File System, and related directory entry information for locating files on electronic devices. Topical areas include file headers and file hashing, recovery of deleted files and long file names, and techniques for discovering potential evidence that might otherwise be overlooked.

    CI 201 - Social Media & Open Source Intelligence (June 14 2018)

    This course covers the skills investigators need to conduct successful online investigations involving social media. Topics include internet basics such as IP addresses and domains, an overview of currently popular social media platforms, and best practices for building an online undercover profile. Instructors demonstrate both open-source and commercially available investigative tools for social engineering, information gathering, and artifacts related to social media, as well as automated utilities to capture information and crawl websites.

    Course structure:

    CI 150 - Introduction to Cellular Investigations (June 11 2018)

    This course covers the acquisition and analysis of the various types of call detail records obtained from cellular providers. It focuses on data analysis using Microsoft Excel, as well as techniques for presenting findings in case reports or in court. Students receive a copy of PerpHound, the National White Collar Crime Center's (NW3C) free software tool for the analysis of call detail records. This course also covers best practices for seizing, preserving, and acquiring evidence internal to a cellular phone.

    CC 201 - Digital Evidence Examination and Processing (June 12 2018)

    This course builds on the concepts introduced in "Cybercop (CC) 101 - Basic Digital Forensic Imaging" (BDFI). It covers the architecture and functionality of the Windows NT File System, the FAT and the ExFAT File System, and related directory entry information for locating files on electronic devices. Topical areas include file headers and file hashing, recovery of deleted files and long file names, and techniques for discovering potential evidence that might otherwise be overlooked.

    CI 150 - Introduction to Cellular Investigations (June 6 2018)

    This course covers the acquisition and analysis of the various types of call detail records obtained from cellular providers. It focuses on data analysis using Microsoft Excel, as well as techniques for presenting findings in case reports or in court. Students receive a copy of PerpHound, the National White Collar Crime Center's (NW3C) free software tool for the analysis of call detail records. This course also covers best practices for seizing, preserving, and acquiring evidence internal to a cellular phone.

    Pages