Systems Forensics, Investigation, and Response

COURSE OUTLINE:

Description

Computer crimes call for forensics specialists, people who know how to find and follow the evidence. This course examines the fundamentals of system forensics, such as what forensics is, the role of computer forensics specialists, computer forensic evidence, and application of forensic analysis skills. In this course, you will learn about computer crimes, forensic methods,and laboratories and addresses the tools, techniques,and methods used to perform computer forensics and investigation. Finally, it explores emerging technologies as well as future directions of this interesting and cutting-edge field.

In addition to premium instructional content from Jones & Bartlett Learning's comprehensive Information Systems Security and Assurance (ISSA) curriculum, this course provides access to a customized 'virtual sandbox' learning environment that aggregates an unparalleled spectrum of cybersecurity applications. Providing instant, unscheduled access to labs from the convenience of a web-browser, this course allows you to practice 'white hat' hacking on a real IT infrastructure-these are not simulations. Winner of the 'Security Training and Educational Programs' top prize at the prestigious 2013 Global Excellence Awards by Info Security Products Guide, the industry's leading information security research and advisory guide, these labs provide valuable exposure to complex, real world challenges and over 200 hours of training exercises on how hackers and perpetrators use these applications and tools.

Certification:

This course covers content within the following industry certification exam:

  • Certified Information Systems Security Professional (CISSP) - two content domains covered

Audience

  • Information security analysts
  • Payroll specialists
  • IT infrastructure security specialists
  • People who decide which information technology and cybersecurity products to acquire for their organization

Prerequisites

General knowledge of networking and management information systems

Learning Objectives

  • The role of computer forensics in responding to crimes and solving business challenges
  • System forensics issues, laws, and skills
  • Purpose and structure of a digital forensics lab
  • Evidence life cycle
  • Procure evidence in physical and virtualized environments
  • Impact of sequestration on the evidence-gathering process
  • Collect evidence in network and email environments
  • Automated digital forensic analysis
  • Report investigative findings of potential evidentiary value
  • Constraints on digital forensic investigations

1. The System Forensics Landscape

  • Introduction to Forensics
  • Overview of Computer Crime
  • Forensics Methods and Labs

2. Technical Overview: System Forensics Tools, Techniques, and Methods

  • Collecting, Seizing, and Protecting Evidence
  • Understanding Information-Hiding Techniques
  • Recovering Data
  • Email Forensics
  • Windows Forensics
  • Linux Forensics
  • Mac Forensics
  • Mobile Forensics
  • Performing Network Analysis

3. Incident Response and Resources

  • Incident and Intrusion Response
  • Trends and Future Directions
  • System Forensics Resources