Whether you are a member of law enforcement, the military, or a corporate investigations unit, you have a need for trained investigators who are capable of identifying, preserving, analyzing and interpreting electronic evidence. There are an increasing collection of open source and commercial tools available to assist investigators; however, without the proper foundation of knowledge and principles, investigators are ill prepared to take the output of these tools into the courtroom.

Principles of Computer Forensics was designed to provide investigators this basis of knowledge. Participants will first learn to recognize and properly seize electronic evidence, then analyze it using EnCase® V6.

Our senior instructors (all of whom hail from government service) will lead participants through hands on scenarios designed to replicate real world investigations. Emphasis is placed on a systematic and repeatable processes, proper interpretation, and compliance with a growing body of legal requirements.

Students attending this course will learn the following:

Pre Investigation Planning
Common Computer Hardware
First Response Considerations
Collecting Volatile Data
Disk to Disk Imaging Methods
Network Crossover Imaging
Imaging with Linux and Linen®
Understanding the EnCase® Interface
Basic Keyword Searching
Advanced GREP Keyword Searching
Understanding File Signatures
Hash Analysis
Windows® 2000/XP/2003/Vista Operating System Artifacts
FAT and NTFS File Systems