It is estimated that
roughly 90% of all information is either created or stored in
digital format. The Computer Forensics and Electronic Discovery (CFED)
training course was designed to train “Digital Investigators” to
properly conduct a computer forensic examination and give them an
understanding of the process of electronic discovery. Unlike other
training courses in computer forensics, our training is “vendor
neutral” and takes an in-depth path to manually conducting a digital
investigation. The students will learn the skills and techniques
necessary to conduct a thorough examination. The training will also
teach the students they cannot rely solely on automated software to
conduct an effective investigation. The environment is extremely
hands-on and interactive, and the students will work with the most
widely accepted “tools of the trade” in addition to manually
examining digital evidence. Some of the modules covered in Basic
Computer Forensic Techniques include:
History of Computer Crime
This brief introduction to the history
of computer crime will show why most of the standard techniques we
use today originated. Computer crimes have evolved significantly
over the past few decades and knowing the reasons for the processes
we use helps to protect a digital investigator from putting
themselves in a liable situation. Although this is not meant to be a
complete history lesson, it will cover the most significant changes
and landmark decisions that affect the legal aspects of the way we
must do things today.
Disk Storage Concepts
This lesson will cover everything from the anatomy of a hard disk to
the way data is stored on the drive. Most end users do not have a
clear understanding of the way Microsoft operating systems store
information in different environments. This is an in-depth look at
how files are actually tracked and stored in both FAT and NTFS
environments. Students will gain an understanding of the FAT table,
the MFT file structure, and how to locate and recover digital
artifacts in unallocated space on the drive. Even though information
may not be physically visible on the drive, there are techniques to
recover information that did exist on the drive at some time. Having
a clear understanding of how data is stored will give the
investigator the knowledge necessary to overcome these hurdles.
Basic Forensic Principles
This lesson will define computer
forensics and teach the students the protocols that have become the
accepted methodology used by computer forensic examiners and
laboratories throughout the United States. The guidelines taught in
this section adhere to the standards, protocols and procedures set forth
by the U.S. Department of Justice, the International Association of
Computer Investigative Specialists (IACIS®), the National Institute
of Justice and The Scientific and Technical Working Groups on
Digital Evidence. These are the proven techniques that have been the
most effective since the inception of computer crime. This section
will define the different types of digital evidence to include
residual data, electronic mail and user data. Students will learn the
considerations to account for when acquiring electronic evidence on
stand-alone and laptop computers as well as computers in a complex
or networked environment. Proper forensically sound acquisition
methods are covered including documentation, packaging,
transportation and storage.
Email Essentials
With email being as prevalent as it is
in today’s society, understanding how to properly trace the origin
or authenticity of an email can be an important factor in any
investigation. Students will learn how to read the complete header
of an email message to determine the original source, and will also
learn techniques for tracking down forged email headers.
Introduction to Electronic Discovery
Students will learn to properly read
and prepare electronic discovery requests and the importance of the
information available. This section will cover the necessary steps
for both the producing and the requesting party in the document
discovery process. The history of digital evidence in litigation
will show how the prominence of electronic discovery and document
retention are necessary today. This section will expose the students
to developing laws and the cost factors involved.
Digital Investigation Techniques
This is a 2-day series of hands-on
exercises that will teach the students how to properly conduct a
forensically sound investigation. The entire process from
acquisition to presenting your findings is covered. Students will
learn the strengths and weaknesses of the automated tools that have
been accepted by the computer forensic community. Students will also
gain a clear understanding of how the tools work, and how to
manually examine digital evidence to conduct the most thorough
examination possible. This section teaches the students the
importance of automated software, but also how, used alone, it can miss
crucial evidence, which can be detrimental to an investigation.
New York ° Washington, DC ° Tampa ° Los Angeles ° Chicago
Boston ° Miami ° Denver ° Albany ° San Francisco
Phone: 1-800-868-8189
Phone: 727-287-6000
Fax: 727-287-6011