On this day you will learn how to initialize and start processing a case using a common and widely accepted commercial forensic software tool. The instruction for this day will far surpass just learning how to use a software tool - you will be provided with a repeatable process that can be used for any type of digital forensic investigation, and that has been developed and perfected by CSI to quickly and efficiently process cases.
You will learn how to locate critical computer user and system information from the Windows registry, and will be shown how to ascertain what users of the computer system did, such as performing searches of the computer and Internet search engines, running programs, and opening and saving files - this is just the tip of the iceberg. While there will be much information that will be covered, rest assured that you will be provided with videos of all processes used so that you can review and practice long after class is over.
As well, you will learn how to tell what types of removable media was used with a computer, such as USB storage devices. You will see how to extract detailed information about USB devices such as when they were first used, last used, make and model of device, and possibly even the device serial number.
From this day through Day Five, you will utilize your skills and knowledge to continue to process your case that is based on an actual case of identity theft and credit card fraud.
DAY THREE TOPICS
Initializing a Case
Navigating Your Case
Windows Registry Basics
The SAM Registry File
System and Software Registry Files
Evening Session: Optional, Until 21:00
Open Topics Based On Student Requests
Copyright © 2013 All rights reserved. Aurenav LLC.