Digital Forensics for Data Breaches Investigations

by Dario Forte, Eoghan Casey

Description

This technical seminar is designed to give digital investigators and Forensic examiners an in-depth understanding of evidence on computers, focusing on core competencies needed to make effective use of digital evidence. Topics covered include file systems, disk digging, reconstructing Internet activities, and practical approaches to dealing with encryption. Forensic analysis techniques and associated tools are presented for use on Windows, UNIX, and Macintosh systems and handheld devices. This course demonstrates how computers are extensions of traditional crime scenes and how the associated digital evidence can be useful in a variety of investigations including fraud, intellectual property theft, and violent crimes. Realistic scenarios with associated digital evidence are provided to enable students to apply what they learn to real world situations. A mock trial is held to simulate the court room experience of testifying, presenting technical evidence, and being cross-examined. This seminar is suitable for individuals who are interested in or are already performing technical aspects of digital investigations in your organization. These technical seminars will also be of interest to managers, compliance officers and auditors who need to understand the types of digital evidence that is available on computers.

The delegates will receive a copy of the book"Digital Evidence and Computer Crime" by Eoghan Casey.

What you will learn

Forensic examination of dead systems
Preservation and examination of Windows Vista, MacOS X, and UNIX systems
Preservation and examination of host memory
Preservation and examination of handheld devices
The admissibility of the digital evidences in court
Reporting technical findings to non-technical decision makers
Testifying in court

Main Topics

Interpreting Digital Evidence
Windows Systems
UNIX Systems
Macintosh Systems
Memory Forensics
Handhelds and Cell Phones
Presenting Digital Evidence