- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive! / SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
select a course
Washington, DC - July 6 - 14, 2009
- Event Location & Info
- Faculty
- Vendor Expo
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
Opened my eyes to things that I thought I already knew, and I'm already learning new material on day 1
-Anthony Fischer, Front Porch, Inc.
Security 408
About
SANS WhatWorks Summit Series
The SANS WhatWorks Summit Series brings together the thought leaders of the industry...
>> Read More
Course PDF
Computer Forensic Essentials
Thursday, July 9, 2009 - Monday, July 13, 2009Chad Tilbury, SANS Instructor
6 CPE Credits Per Day
This brand new course focuses on the essentials that a forensic investigator must know to investigate core computer crime incidents successfully. You will learn how computer forensic analysts focus on collecting and analyzing data from computer systems to track user-based activity that could be used internally or in civil/criminal litigation. This course covers the fundamental steps of the traditional computer forensic methodology so that each student will have the qualifications to work as an investigator in the field helping solve cases and fight crime.
With today's ever changing technologies and environments, it is inevitable that organizations will deal with some form of cybercrime. These forms include, but are not exclusive to, fraud, insider threat, industrial espionage, and phishing. In order to help solve these cases, organizations are hiring individuals to perform computer forensics.
A computer forensic analyst primarily focuses on collecting and analyzing data from computer systems to track user-based activity that could be used internally or in civil/criminal litigation. E-discovery civil litigation, intellectual property theft, disgruntled employee causing damage, and inappropriate use of the Internet are the types of cases a computer forensic analyst might encounter.
If you are a lawyer that works with digital evidence daily or are an information technology manager, this course will give you the background essential to be able to manage teams of computer forensic investigators and be able to know how to ask and respond to challenging legal and technical computer forensic related questions.
FIGHT CRIME. UNRAVEL INCIDENTS...ONE BYTE AT A TIME. We not only teach a firm understanding of the computer forensics tools and techniques, we also teach you the legally approved forensic methodology that will result in success.
Tuition Includes
SANS Investigative Forensic Toolkit (SIFT) Essentials
Every investigator should be equipped with a full toolkit to securely acquire or examine any type of hard drive. As a part of this course you will take home with you a version of the SANS Investigative Forensic Toolkit (SIFT) Essentials with a Tableau Write Block Acquisition Kit. The entire kit will enable each new investigator to accomplish proper and secure examinations of SATA, IDE, or Solid State Drives (SSD).
The SIFT Kit Essentials consists of:
- Tableau T35e Write Blocker
- One Tableau T35e Write Blockers FireWire to SATA/IDE Bridge
- IDE Cable/Adapters
- SATA Cable/Adapters
- FireWire and USB Cable Adapters
- One External Power Supply and power cable
- Forensic Notebook Adapters (IDE/SATA)
- Zero Force Insertion Module
- 1.8" Adaptor
- 2.5" Adaptor
- Micro SATA Solid State Disk Adapter
- Tableau Storage Bag for Kit
- HELIX Incident Response & Computer Forensics Live CD
- SANS VMware-Based Forensic Analysis Workstation
- Course DVD: Loaded with case examples, tools, and documentation
- Who Should Attend
- Information technology professionals who wish to learn core concepts in computer forensics investigations and e-discovery
- Law enforcement officers, federal agents, or detectives who desire to be introduced to core forensic techniques and topics
- Information security managers who need to understand digital forensics in order to understand information security implications and potential litigation related issues or manage investigative teams
- Information technology lawyers and paralegals who need to understand the basics of digital forensic investigations
- Anyone interested in computer forensic investigations with some background in information systems, information security, and computers
- Course Topics
- Purpose of Digital Forensics
- Major Case Types
- Electronically Stored Evidence (ESI)
- Hard Drive Basics and File System Basics
- Fundamental Forensic Methodology
- Online Investigative Techniques
- Evidence Acquisition Basics
- Preservation of Evidence
- Presentation and Reporting of Evidence
- Full Disk Image Acquisition Tools and Techniques
- E-discovery Acquisition and Analysis
- Fundamental Registry Forensics
- Event Log Forensics
- E-mail Forensics
- Files Containing Critical Evidence
- Browser Forensics
- Recover Deleted Files
- Timeline Basics
- How to Put a Case Together
- © 2000-2009 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy