Training Delivery - Live Video (VTC)

DF310 Advanced Digital Forensic Analysis: Windows

This course covers the identification and extraction of artifacts associated with the Microsoft Windows operating system. Topics include the Change Journal, BitLocker, and a detailed examination of the various artifacts found in each of the Registry hive files. Students also examine Event Logs, Volume Shadow Copies, link files, and thumbnails. This course uses a mixture of lecture, discussion, demonstration, and hands-on exercises.

CI101 Basic Cyber Investigations: Digital Footprints

This course introduces learners to the concept of digital footprints and best practices in protecting personally identifiable information (PII). Topics include limiting an individuals digital footprint, protecting privacy on social media, and the consequences of oversharing personal information; as well as steps to take after becoming a target of doxing.

*Current landscape. Emerging technology and trends that can aid criminals in the commission of identity theft, credit card theft, child exploitation, and production of counterfeit documents.
*Personally identifiable information (PII). Learn what PII is, why it can threaten individuals safety, and the scams and exploits criminals use to obtain it.
*Minimizing your digital footprint. Learn how and why you should remove PII, and how to find where information may be located. Instructors demonstrate how to secure digital devices and request removal of data from a website.
*Social media. Use security and privacy settings to control the amount of available information on multiple platforms.
*Resources. Identify resources that can help victims of identity theft, doxing, and other related crimes.

FC099 Basic Level Spreadsheeting Skills

This one-day course provides foundational spreadsheeting knowledge and skills to enhance workplace productivity. The course covers basic navigation of Microsoft Excel by combining live demonstrations and hands-on exercises.

Work with multiple worksheets within a workbook
Hide, unhide, and protect worksheets
Adjust rows and columns
Use copy and paste options
Find, select, and sort data

CI102 Basic Cyber Investigations: Dark Web & Open Source Intelligence

This course provides expert guidance in the skills law enforcement officers need to conduct successful online investigations. Topics include IP addresses and domains, an overview of currently popular social media platforms, best practices for building an undercover profile, foundational knowledge related to the dark web, and the use of the dark web as an investigative tool. Instructors demonstrate both open-source and commercially-available investigative tools for social engineering, information gathering, and artifacts related to social media; as well as automated utilities to capture information and crawl websites.

*Internet basics. IP address assignment; resolving domains and IP addresses; networking overview.
*Popular sites. Facebook, Twitter, KiK Messenger, Snapchat, Instagram, tumblr, and more.
*The dark web. Surface, deep, and dark web; how data flows through the internet. Who uses the dark web and how?
*Tor. How to access Tor; how Tor traffic works; how a Tor Hidden Service works; installing and configuring the Tor Browser Bundle.

FC105 Financial Records Examination and Analysis

This course covers the acquisition, examination, and analysis of many types of financial records, including bank statements and checks, wire transfer records, and business records. Topics include recognizing and investigating common indicators of fraud, using spreadsheets to facilitate analysis and pattern recognition, and financial profiling. There is a strong focus on presenting financial evidence in multiple modalities: spreadsheet data outputs, graphic representations, and written/oral presentations.

*Introduction to analysis. Best practices. Finding patterns. Indicators of fraud. Presenting your findings.
*Financial records. Bank records. Business documents.
*Financial profiling. Methods of profiling. Reasons to create a profile. Creating a profile.
*Hands-on experience. Work a mock financial case as part of an investigative team.

FC122 Intellectual Property Theft Training

This course introduces the problem of intellectual property theft and provides tools, techniques, and resources for investigating and prosecuting these crimes. A combination of lecture, discussion, and interactive exercises illustrates the potential dangers and economic repercussions of counterfeit products, as well as best practices and techniques for investigating IP theft. Students are provided with a state-specific folder that includes relevant statutes, sample organizational documents for IP investigations, and additional resources for investigators and prosecutors.

This course is presented in collaboration with the National Association of Attorneys General (NAAG).
Awareness. Types of IP crimes. The criminals who commit these crimes. Impacts and dangers.
Investigation. Online and traditional techniques. Working with brand experts and the private sector. Large amounts of evidence. Resources.
Statutes. Prosecutorial theories. State-specific discussion.
Hands-on experience. Work with real counterfeit products. Identify fakes with expert guidance.

DF330 Advanced Digital Forensic Analysis: iOS & Android

This course provides the advanced skills and knowledge necessary to analyze data on iOS devices (iPod Touch, iPhone, and iPad) and Android devices at an advanced level. Students use forensically-sound tools and techniques to analyze potential evidence, employing advanced techniques to uncover evidence potentially missed or misrepresented by commercial forensic tools. Topics include identifying potential threats to data stored on devices, available acquisition options, accessing locked devices, and the default folder structure. Core skills include analyzing artifacts such as device information, call history, voicemail, messages, web browser history, contacts, and photos. Instruction is provided on developing the hunt methodology for analyzing third party applications not supported by commercial forensic tools.

Mobile device hardware fundamentals. How mobile devices work, store data, and interact with a variety of networks.
Device handling. Properly preserving data for imaging and analysis. Identifying potential threats to data integrity.
Device acquisition and security. Acquisition options (physical, logical, device backups). Bypassing passcodes and properly defeating encrypted backups of iOS devices.
Advanced analysis techniques. Mounting images, partitioning scheme and default folder structure, types of artifacts (plists, SQLite databases, etc.).

FC201 Financial Records Investigative Skills

This course builds on the concepts introduced in FC101 (FIPS) and FC105 (FREA), introducing investigators and prosecutors to emerging issues in financial crime. Topics include money laundering, analyzing large financial data sets, conducting effective interviews, and managing large amounts of financial evidence. This course consists of a mix of lecture, discussion, and hands-on exercises. Students conduct a mock investigation that includes interviews, data analysis, and the examination of various documents.

*Money laundering. Methods of laundering money. Tracing illegal funds. Emerging issues. FinCEN.
*Spreadsheeting skills. Spreadsheet architecture. Formulas and calculations. Pivot tables.
*Working with financial data. Benfords law analysis. Disentangling commingled funds.
*Hands-on experience. Work a mock financial case as part of an investigative team.

IA300 Advanced Criminal Intelligence: Tradecraft and Analysis

This three-day course is dedicated to studying the fundamentals of quantitative and qualitative data analysis and how to formulate arguments in support of criminal investigations and intelligence. Students will learn about data management techniques and a disciplined process to clean and standardize data in preparation for analysis. The course will also explore several common investigative objectives, including the discovery of associations between people and entities, the correlation between unlawful activity and suspects, behavioral affinities, and predictions. The course will introduce the Enterprise Theory of Crime and how to use network analysis to formulate conclusions about the structure of criminal organizations, their players and roles, the identification of facilitators, charting of financial arrangements, and connections to unlawful activity. The course enables the production of valuable, accurate, and efficient logical inferences produced by collecting data related to unlawful activity.

FC122 Intellectual Property Theft Training

This course introduces the problem of intellectual property theft and provides tools, techniques, and resources for investigating and prosecuting these crimes. A combination of lecture, discussion, and interactive exercises illustrates the potential dangers and economic repercussions of counterfeit products, as well as best practices and techniques for investigating IP theft. Students are provided with a state-specific folder that includes relevant statutes, sample organizational documents for IP investigations, and additional resources for investigators and prosecutors.

This course is presented in collaboration with the National Association of Attorneys General (NAAG).
Awareness. Types of IP crimes. The criminals who commit these crimes. Impacts and dangers.
Investigation. Online and traditional techniques. Working with brand experts and the private sector. Large amounts of evidence. Resources.
Statutes. Prosecutorial theories. State-specific discussion.
Hands-on experience. Work with real counterfeit products. Identify fakes with expert guidance.

Pages