The most trusted source for computer security training, certification and research.

Security 408: Computer Forensic Essentials
SANS vLive! SEC408-200911
Webcast Classroom Training
Monday, November 30, 2009 - Monday, February 1, 2010
Course Fee: $3,425.00


Instructors: Rob Lee & Chad Tilbury
Start Date:  Monday, November 30, 2009
End Date:  Monday, February 1, 2010
Meeting Times:  7:00 PM - 10:00 PM EST
Meeting Days
  • Monday, November 30
  • Monday, December 7
  • Monday, December 14
  • Monday, December 21
  • Monday, December 28
  • Monday, January 4
  • Monday, January 11
  • Monday, January 18
  • Monday, January 25
  • Monday, February 1
Where:
World Wide Web
Secure Site Requires Login ID & Password

Bios:
 Rob Lee: Rob Lee is a director for MANDIANT (www.mandiant.com), a leading provider of information security consulting services and software to Fortune 500 organizations and the U.S. government. Rob is also the curriculum lead for digital forensic training at the SANS Institute (forensics.sans.org). Rob has more than 13 years' experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response. Rob graduated from the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information operations. Later, he was a member of the Air Force Office of Special Investigations where he conducted computer crime investigations, incident response, and computer forensics. Prior to joining MANDIANT, he directly worked with a variety of government agencies in the law enforcement, U.S. Department of Defense, and intelligence communities as the technical lead for a vulnerability discovery and exploit development team, lead for a cyber forensics branch, and lead for a computer forensic and security software development team. Rob also coauthored the bestselling book Know Your Enemy, 2nd Edition. Rob earned his MBA from Georgetown University in Washington DC. Finally, Rob was awarded the Digital Forensic Examiner of the Year from the Forensic 4Cast 2009 Awards.

 Chad Tilbury: Chad Tilbury has spent over ten years conducting incident response and forensic investigations. His extensive law enforcement and international experience stems from working with a broad cross-section of Fortune 500 corporations and government agencies around the world. During his service as a special agent with the Air Force Office of Special Investigations, he investigated a variety of computer crimes, including hacking, abduction, espionage, identity theft, and multi-million dollar fraud cases. He has led international forensic teams and was selected to provide computer forensic support to the United Nations Weapons Inspection Team. Chad has worked as a computer security engineer and forensic lead for a major defense contractor and more recently as the vice president of Worldwide Internet Enforcement for the Motion Picture Association of America. In that role, he managed Internet anti-piracy operations for the seven major Hollywood studios in over sixty countries. Chad is a graduate of the U.S. Air Force Academy and holds a BS and MS in computer science as well as GCFA, GCIH, and CISSP certifications. He is currently a consultant specializing in incident response, e-discovery, and computer forensics.

Master computer forensics. Learn essential investigation techniques.

With today's ever-changing technologies and environments, it is inevitable that organizations will deal with some form of cybercrime. These forms include, but are not exclusive to, fraud, insider threat, industrial espionage, and phishing. In order to help solve these cases, organizations are hiring digital forensic professionals and calling cybercrime law enforcement agents to fight and solve these cyber crimes.

SANS Security 408: Computer Forensic Essentials focuses on the essentials that a forensic investigator must know to investigate core computer crime incidents successfully. You will learn how computer forensic analysts focus on collecting and analyzing data from computer systems to track user-based activity that could be used internally or in civil/criminal litigation.

This course covers the fundamental steps of the in-depth computer forensic methodology so that each student will have the complete qualifications to work as a computer forensic investigator in the field helping solve and fight crime.

This course is the first course in the SANS Computer Forensic Curriculum. If this is your first computer forensics course with SANS we recommend that you start here.

FIGHT CRIME. UNRAVEL INCIDENTS... ONE BYTE AT A TIME.

You will Receive with this Course

Free SANS Investigative Forensic Toolkit (SIFT) Essentials

As a part of this course you will receive a SANS Investigative Forensic Toolkit (SIFT) Essentials with a Tableau Write Block Acquisition Kit. The entire kit will enable each investigator to accomplish proper and secure examinations of SATA, IDE, or Solid State Drives (SSD). The toolkit consists of:

  • Tableau T35e Write Blocker Kit
    • One Tableau T35e Write Blocker (Read-Only)
    • IDE Cable/Adapters
    • SATA Cable/Adapters
    • FireWire and USB Cable Adapters
    • Forensic Notebook Adapters (IDE/SATA)
    • HELIX Incident Response & Computer Forensics Live CD
  • SANS Windows XP Forensic Analysis VMware Workstation
  • Course DVD: Loaded with case examples, tools, and documentation

SANS Computer Forensic Website - forensics.sans.org

The learning does not end when class is over. SANS Computer Forensic Website is a community-focused site offering digital forensics professionals a one-stop forensic resource to learn, discuss and share current developments in the field. It also provides information regarding SANS forensics training, GIAC certification, and upcoming events. Visit http://forensics.sans.org. New content is added regularly, so please visit often. In addition, do not forget to share this information with your fellow forensic professionals.

Full Course Description >>