CSX Forensics Analysis Course

Learn basic forensics and documentation skills.

Difficulty: Multilevel

CSF Domain: Respond

$400.00

Price represents the non member rate.

Buy now

Description

The Cybersecurity Nexus (CSX) Forensic Analysis Course (CFAC) provides students with an understanding of forensic documentation and data recovery methods. Students will work with forensic restoration and case management tools in order to simulate a real-world forensic intake scenario. Students will understand the importance of due process and the criticality of maintaining the integrity of fragile data in the field of digital forensics.

Continuing Professional Education (CPE) Credit Count: 20

Schedule

Lesson Introduction and Overview

In this lesson, students will:

  • Receive an overview of forensics

Lesson Chain of Custody

In this lesson, students will:

  • Learn about evidence
  • Learn about Chain of Custody

Lesson Media and Memory Types

In this lesson, students will:

  • Learn about media types
  • Learn about memory types

Lesson Forensics Enviornment

In this lesson, students will:

  • Learn about Kali Linux
  • Learn about hardware and software needed to conduct forensic examinations

Lab/Instructional Kali Forensics Environment

In this lab, students will:

  • Receive an introduction to Kali Linux
  • Become familiar with basic Linux utilities
  • Use Command Line Interface (CLI)
  • Learn how to help yourself with these utilities
  • Explore the Kali Graphical User Interface (GUI)

Lab/Instructional PostgreSQL Configuration

In this lab, students will:

  • Prepare PostgreSQL database to receive forensic case data
  • Become familiar with basic Linux utilities
  • Configure your forensic environment
  • Configure a database

Lab/Instructional Foreman Configuration

In this lab, students will:

  • Receive an Introduction to Foreman, a Forensic Case Management system
  • Become familiar with basic Linux utilities
  • Configure your forensic environment
  • Install Foreman, a Forensics Case Management tool

Lab/Instructional Final Foreman Setup

In this lab, students will:

  • Finalize Foreman environment for forensic documentation
  • Customize the configuration of Foreman
  • Become familiar with basic Linux utilities
  • Create a script to automate running Foreman

Lesson Imaging

In this lesson, students will:

  • Learn about forensic images
  • Learn about imaging and imaging tools
  • Learn about managing damaged devices

Lab/Instructional A New Case

In this lab, students will:

  • Process digital evidence
  • Continue Chain of Custody
  • Intake evidence
  • Verify evidence integrity
  • Initiate a new case
  • Assign personnel to the new case

Lesson Data Management

In this lesson, students will:

  • Learn about compression
  • Learn about confidentiality
  • Learn about device wiping
  • Learn about integrity

Lab/Instructional My First Case

In this lab, students will:

  • Accept the new case
  • Continue the chain of custody
  • Document the forensic process
  • Copy forensic images
  • Verify forensic copies
  • Uncompress forensic evidence

Lab/Instructional A Picture

In this lab, students will:

  • Analyze Digital Evidence
  • Extract Metadata from Various Files
  • Use a Script to Automate the Discovery Process
  • Learn an Anti-Forensics Technique

Lesson Drives and Files

In this lesson, students will:

  • Learn about device types
  • Learn about partitions
  • Learn about file systems and file types
  • Learn about slack space, partitions and the partition table

Lab/Instructional Data DNA

In this lab, students will:

  • Maintain the Chain of Custody
  • Analyze Partition Information from Evidence Image
  • Extract Specific Partitions from Evidence Image for Further Analysis
  • Extract Slack Space from Evidence Image for Further Analysis
  • Extract Unallocated Space from Evidence Image for Further Analysis

Lab/Instructional The Missing Piece

In this lab, students will:

  • Maintain the Chain of Custody
  • Document process and results
  • Examine Slack Space
  • Manually Extract Data
  • Automated Recovery of Files
  • Examine Unallocated Space
  • Examine Allocated Space
  • Introduction to Autopsy

Lab/Challenge Forensics Challenge

In this lab, students will use their knowledge from the previous CFAC labs to complete 5 challenge tasks.

  • Complete this forensics challenge lab using knowledge gained from the CFAC series.