ECTEG course - Network Forensic Intermediate Course
Title: Network Forensic Intermediate Course
Duration: 1 week
The aim of this course is to provide students with theoretical and practical knowledge of networks at an intermediate level. Training will encompass latest best practice, technologies and techniques available to Law Enforcement specialists.
- Hackers and Investigators methodologies
- Both Client and Server side attacks
- Log analysis
- Scenarios will allow the student to identify evidence required in a network investigation
By the end of this course the students will be able to:
- Explain how a hacker penetrated a network or a server,
- Develop an understanding of major intrusion techniques as well as collecting traces,
- Better assemble evidence for court that is clear and supportive of evidential needs.
The following pre-requisites have been set for this course:
- Satisfactory completion of the ECTEG Introductory IT Forensics & Network Investigations course or equivalent
- Good knowledge of TCP/IP protocols, IP address, subnet masks
- Good knowledge of hexadecimal, computer units, ASCII, Unicode
- Linux basics commands (file manipulation, editing files)
- Knowledge (even basic) of php, sql would be an advantage
- Pre-read material has been provided for potential students, and a knowledge check can be sent to them to allow them to assess their level of knowledge prior to the course. One of the first sessions is a Pre-read Review
It is essential that students have a good working knowledge of the English language as the lessons will be delivered in English.
Small list of agenda / topics / main points
- Linux & Security
- Attackers Methodology and Motives
- Infrastructure Attacks
- Investigators Methodology
- Server Side Application Attacks
- Case Study: Scenario 1 - Defaced Website
- Client Side Attacks
- Analysis of Suspicious Files
- ../.. undisclosed topics
If you are interested in applying for these courses please take a look at the application page
for more information.