Cyber Lab Examiner – II

Cyber Lab Examiner - II by SECURE INDIA
Course contents of Cyber Lab Examiner – II (CLE – II):
  1. Introduction to Computer Forensics
  2. Introduction to Investigations
    1. Areas involved in a forensic investigation
    2. Investigation awareness phase of a forensic investigation
    3. Principles of forensic computing
    4. The ‘Chain of Custody’ process
    5. Applying the chain of custody process
  3. Identification and Seizure
    1. Common electronic evidence devices
    2. Seizure process of electronic evidence
    3. Evidential items of interest
    4. Actions performed on an electronic device
  4. Understanding Electronic Data
    1. Multiple bits
    2. Large quantities of bytes in data storage
    3. Decimal, Hexadecimal, ASCII, Unicode
  5. Storage and File Systems
    1. Preparing a hard drive for data storage
    2. Physical disks, logical drives and Cloud Storage.
    3. Differences between data and metadata
    4. Common file system metadata
    5. The purpose of file systems
    6. Various file systems’ features
    7. Live Data, Deleted Data, Unallocated Data
  6. Forensic Acquisition
    1. Differences between a forensic image and a clone
    2. Hashing within the forensic acquisition process
    3. Common tools and hardware
    4. Forensic acquisition and verification of an electronic device
    5. Gathering the data from Cloud Storage
  7. Forensic Analysis Techniques
    1. Five possible analysis environments
    2. Recovering data from an electronic device using data carving
    3. Keyword searching
    4. Issues associated with data extraction
    5. Strengths and weaknesses of hash analysis
    6. Common file type specific metadata
    7. Date and time analysis
  8. Recovering Forensic Artefacts
    1. Vista registry
    2. Internet history
  9. Data Reduction Techniques
    1. Filtering data
    2. Hash analysis
    3. Data interpretation process
    4. Dangers of data reduction
    5. Filtering using date and time stamps
    6. The use of data reduction techniques
  10. Forensic Challenges
    1. Cloud Data Access
    2. Data wiping
    3. Data encryption
    4. Malicious software
  11. Reporting
    1. Purpose of forensic reporting
    2. Expected outcome of a forensic investigation
    3. Target audience
    4. Reporting methods
    5. Defence statements