EtusivuHae koulutuksia & tapahtumiaCertificate in Digital Forensics Fundamentals

Certificate in Digital Forensics Fundamentals

Introduction to digital forensics is designed to help commercial and government organizations collect, preserve and report on digital artefacts in a way which is suitable for use in investigations.
The course covers the broad topics essential to the digital forensics disciplines. It sets out a framework for investigations, covering the best practice as described by The National Police Chiefs' Council (NPCC) formally ACPO guidelines. Forensic fundamentals will be covered as well as the use of open source forensic tools. The data will be then analysed and an example report produced.
Participants to this course learn about the methods to identify, preserve, analysis and report on digital artefacts. Using a mixed approach of fundamentals and open source software, delegates will be able to select suitable tools and report on their findings in an evidential way.
The introduction to digital forensic course audience includes all teams across the IT, Security, Internal Audit, Law Enforcement and Government.
IISP Skills Alignment
This course is aligned to the following Institute of Information Security Professionals (IISP) Skills. More details on the IISP skills framework can be found here.
F3
Continuous Professional Development (CPD)
CPD points can be claimed for GCT accredited courses at the rate of 1 point per hour of training for GCHQ accredited courses (up to a maximum of 15 points).


Osallistumismuoto

Remote


Kesto

3 päivää


Hinta

2862 €

The Certificate in Digital Forensics Fundamentals course provides a comprehensive foundation in digital forensic investigation techniques, enabling participants to identify, preserve, analyse, and report on digital artefacts. The course covers key forensic methodologies, legal considerations, and best practices, ensuring that findings are admissible in investigations. Through a combination of theoretical concepts and practical exercises, learners will gain hands-on experience with open-source forensic tools to acquire, examine, and document evidence. The course also explores emerging areas such as IoT forensics, mobile device analysis, and anti-forensics techniques.

Learning outcomes

By the end of this course, learners will be able to:

  • Explain the purpose and key principles of digital forensics.
  • Identify different forensic approaches and legal considerations.
  • Maintain chain of custody and handle evidence securely.
  • Acquire and validate forensic images using industry-standard techniques.
  • Analyse file systems, metadata, and system artefacts for digital evidence.
  • Examine Windows Registry, deleted files, and forensic artefacts.
  • Explore IoT forensics, mobile device analysis, and anti-forensic methods.
  • Produce forensic reports that meet evidential standards.

Prerequisites

There are no formal prerequisites, but participants should have:

  • A basic understanding of IT systems and security principles.
  • Familiarity with file structures, storage devices, and operating systems (recommended but not mandatory).

Target Audience

This course is designed for professionals in:

  • IT and cybersecurity roles responsible for investigating digital incidents.
  • Law enforcement and internal audit teams handling forensic investigations.
  • Regulatory and compliance officers managing digital evidence collection.

Course Content

Introduction to digital forensics

  • Key concepts and objectives of digital forensics.
  • The role of digital forensics in cybercrime investigations.
  • Responsibilities of a forensic investigator.
  • Legal and ethical considerations in forensic investigations.

Labs:

  • Exploring the role of digital forensics in investigations.
  • Hands-on forensic investigator scenario.

Digital evidence collection techniques

  • Types of digital evidence and forensic approaches.
  • NPCC guidelines for handling and collecting digital evidence.
  • The role and toolkit of a first responder.

Labs:

  • First responder scenario and triage using OS Forensics.

Legal framework and forensic best practices

  • Understanding data protection laws and regulatory requirements.
  • The importance of chain of custody in forensic investigations.
  • Adhering to ISO/IEC forensic standards.

Labs:

  • Scenario-based legal compliance exercise.
  • Computer Misuse Act application in forensic cases.

Evidence imaging and verification

  • Forensic imaging techniques and best practices.
  • Using hashing algorithms for evidence validation.
  • Working with FTK Imager and forensic hash sets.

Labs:

  • Hash value verification and forensic imaging practice.

Computer hardware fundamentals for forensics

  • Understanding BIOS, boot processes, and storage devices.
  • Partitioning and how data can be hidden in storage.
  • Differences between HDDs and SSDs in forensic investigations.

Labs:

  • Partition manipulation and forensic imaging.

Data representation and analysis

  • ASCII, Unicode, and binary/hex representation of data.
  • Endianness: Big-endian vs Little-endian storage formats.

Labs:

  • Decoding binary and hexadecimal data.

File systems and deleted data recovery

  • FAT and NTFS file system structures.
  • Understanding slack space and data recovery methods.

Labs:

  • Viewing deleted files and forensic artefacts in Windows.

File signatures and file carving

  • Using file signatures (magic numbers) for forensic analysis.
  • File carving techniques for recovering hidden or deleted files.

Labs:

  • File signature analysis and manual file carving using Kali Linux.

Windows artefacts and file metadata analysis

  • Investigating Windows Registry, event logs, and metadata.
  • Examining EXIF data and forensic artefacts in Windows systems.

Labs:

  • Windows log analysis and registry forensic exploration.
  • E-mail header analysis and packet data inspection using Wireshark.

Mobile device forensics

  • Unique challenges in mobile device investigations.
  • Extracting data from smartphones and mobile devices.
  • Methods for mobile device examination and evidence recovery.

Forensic reporting and documentation

  • The importance of comprehensive forensic documentation.
  • Best practices for structuring forensic reports.
  • Preparing forensic evidence for legal proceedings.

IoT and emerging forensic technologies

  • Understanding IoT security challenges and forensic methodologies.
  • Investigating smart devices, vehicle forensics, and wearable IoT.
  • Anti-forensics techniques: steganography, countermeasures, and password cracking.

Labs:

  • Password cracking using Passware.
  • Anti-forensics detection and mitigation strategies.

Forensic software and tools

  • Overview of commercial and open-source forensic tools.
  • Hands-on practice with key forensic utilities.

Labs:

  • Recovering multiple types of forensic evidence in a real-world scenario.

Exams and Assessments

  • 90-minute multiple-choice exam (70 questions, 50% pass mark).
  • The APMG Proctor-U exam is taken online after course completion.
  • Delegates receive individual access to the APMG candidate portal (available two weeks post-exam).

Hinta 2862 € +alv

Toteutukset


+ Näytä lisää toteutuksia


Pidätämme oikeudet mahdollisiin muutoksiin ohjelmassa, kouluttajissa ja toteutusmuodossa. 
Katso usein kysytyt kysymykset täältä.

Powered by QA. Start time: 10.30-12, end time: 18-20
Read more »