ECTEG

European Cybercrime Training and Education Group

Home About Members Courses Apply for courses Contact

ECTEG course - Introductory Open Source IT Forensics & Network Investigations


Title: Introductory Open Source IT Forensics & Network Investigations
Year: Mar 2013 – Version 1.0
Duration: 2 weeks

Course Aim

The aim of this course is to provide participants with an introduction to Open Source forensic software, file systems, data carving, evidential digital artefacts, networking and network security, cloud computing, email investigations, computer forensic strategies and live data forensics.

The entire course has been developed to incorporate Open Source or free tools that are available in most Linux distributions. Therefore each learning objective below will be achieved using Open Source software.

Prerequisites

This is a very practical course, and as a result a lot of preparation must be done by students who wish to attend it. Much of the theory will be delivered as pre-read material and recapped during the two week course in review sessions and instructor led practicals.

Although technically a two week course, the real work of this course begins much earlier for the students. The idea behind this was to reduce the quantity of theory on the course and make it much more practical. As a result the students must read a selection of pre-read documents and familiarise themselves with the Linux Operating System in the months prior to the course delivery.

Students will need to be able to understand and communicate in English.

Small list of agenda / topics / main points

Week one: has a basic digital forensics theme:
Introduction to Linux, Introduction to Computer Data, Imaging and Hashing, Partitioning & Formatting, FAT and NTFS File Systems, Data Carving, Metadata, Browser Artifacts, Registry Artifacts.

Week two: network investigations and the seizure of evidence at a search scene:
Introduction to Networks, Introduction to Windows Networking, Wireless Networks, Demystifying The Cloud, Email Investigations, Computer Forensic Strategies, Live Data Forensics

If you are interested in applying for these courses please take a look at the application page for more information.