Digital Forensics and Cyber Investigations
The requirement for operational Incident Response, and Digital Forensic disciplines and procedures, has been forced to evolve in the last decade – driven by the increase of unprecedented cyber breaches, associated cyber-crimes, threats posed by State Sponsored Actors, and the increased complexities of Geopolitical tensions. Data breaches and intrusions have also evolved to more complex engagements, presenting the need for a robust in-house Digital Forensics/First Responder capability.
This course enables participants to engage with, and to investigate, both internal and external digital crimes and infractions, applying robust processes and procedures which encompass the Digital Forensic acquisition and analysis of images, AI and Facial Recognition, from media and artifacts to computers and mobile technologies. Aligned with tough, proven processes to secure evidential materials, participants can apply best practices to assure that the associated evidential integrity and value are maintained intact.
The 2023 course also introduces Your Own Search Engine techniques to cross-match digital assets and objects to enable an AI output of meaningful intelligence.
From a background of “in-the-field” law enforcement, associated with the key concepts of legal practices, this course will provide hands-on pragmatic experiences, underpinned by the academic and legal structures which form the basis of Forensic Science.
Including the key operational elements of the Secure Operational Centre (SOC) and its interfaces with the Computer Security Incident Response Team (CSIRT), this course will provide participants with the skills they require to respond to a digital investigation with the assurance of completing it correctly.
The 2022 version of this course introduces multiple take-away tools, reading materials and a book to support the professional on the longer journey to develop in-depth, pragmatic experience.
By the end of the course, participants will be able to:
- Apply a Digital Forensics methodology in an operational environment
- Set a strategy for a Digital Forensics response framework
- Conduct investigations into social media, malware, viruses, and ransomware
- Manage a Digital Scene-of-Crime and its Digital evidence and artifacts
- Investigate mobile technologies, and other media which may hold evidential materials and artifacts
- Apply the techniques to extract images from systems artifacts
This course is designed for IT professionals, Fraud Investigators, Auditors, CSIRT and SOC Analysts, working in companies that are targets for cyber and digital attacks. It is also highly beneficial for police and military personnel, probation officers and other security personnel who deal with cyber investigations.
- Digital forensics – background and legal practices
- Introduction to the science of forensics
- Terms and definitions
- Chain of digital crime
- The background of digital crime
- Case histories of real-life cases
- Digital forensics - law
- Digital forensics - legislation
- Standards of digital forensics
- Fundamentals of digital forensics
- The risks faced by organizations
- The digital forensics response framework
- The first responder digital forensics toolkit
- Scene of digital crime management
- The Secure Operations Centre (SOC)
- The CSIRT (Computer Security Incident Response Team)
- Roles and responsibilities
- Implementing a framework
- Case management
- Collecting and processing digital evidence
- Domain Name System (DNS)
- Extended security infrastructures
- Investigating mobile technologies
- Acquisition of digital evidence and artifacts
- Handling of digital evidence and artifacts
- Processing of digital evidence and artifacts
- Case management protocols
- Wireless protocols
- Supporting technologies
- Reporting practices
- Investigations of internal and external digital crimes
- OSINT (Open Source Intelligence)
- Its place in the digital forensic investigation
- Defining internal crimes
- Defining external crimes
- Child exploitation and investigations
- Malicious applications
- Anti-forensics capabilities
- Digital forensics and terrorism