C5W-100 INTRODUCTION TO DIGITAL FORENSICS

C5W-100 INTRODUCTION TO DIGITAL FORENSICS

Get Started Now

Enroll Now $150

Pricing Options

Kindly choose the enrollment pricing option that suits you best. If you're enrolling as a group or need a custom plan, please contact us. We're here to help!

C5W-100 INTRODUCTION TO DIGITAL FORENSICS

Includes 40 hours of virtual lab access

$150.00
Buy Now
C5W-100 INTRODUCTION TO DIGITAL FORENSICS

No virtual lab access

$100.00
Buy Now

This bundle includes the following courses

01
DIGITAL FORENSICS CONCEPTS
- What is Digital Forensics
- Digital Forensics Investigation
- What is the Digital Evidence
- Digital Devices
- Legal Aspects
- Types of Digital Forensic Investigation
- Challenges of Digital Forensics
- Conclusion
- How to set up your Windows VM - VMware
- How to set up your Windows VM - VBox
- Check Your Module's Knowledge
- References
- Have a Question?!
02
WORKING WITH VIRTUAL HARD DISK
- Hard Disk - Physical & Logical Drive
- Virtual Hard Disk (VHD)
- Creating Virtual Hard Disk
- Creating Virtual Hard Disk with Two Partitions
- Required Files -- Attaching and Detaching Virtual Hard Disk
- Attaching and Detaching Virtual Hard Disk
- Exercise #1
- Solutions_Virtual_Hard_Disk
- Summary
- Check Your Module's Knowledge
- Have a Question?!
03
EVIDENCE ACQUISITION UNDER WINDOWS
- Data Acquisition Concepts
- Data Validation
- Acquisition Methods
- Forensic Image File formats
- The Importance of Evidence Acquisition
- Must-Know First Response actions
- Required Files -- Sanitization of the Target Media
- Sanitization of the Target Media
- Hardwipe Tool
- Cygwin tools (dd command in Windows)
- Check Your Knowledge
- Exercise #1
- Exercise #1 Solution
- Required Files -- Acquisition Tools
- Evidence Data Acquisition
- Memory Dump
- Tools for Memory Dump
- Disk Drive Imaging
- Other Forensic Tools
- Exercise #2
- Solution_Exercise#2
- Examples of Hardware Acquisition Tools
- Using UltraDock Write-Blocker
- Required Files - Mounting a Forensic Image
- Introduction to Image Mounting
- Arsenal Image Mounter
- OSFMount
- Other Forensic Image Mounting Tools
- Exercise#3
- Solution_Exercise#3
- Summary
- References
- Have a Question?!
04
WORKING WITH FTK IMAGER
- Introduction to Forensic Toolkit Imager
- Required Files -- Introduction
- Required Files -- Installation of FTK Imager
- Install FTK Locally
- Install FTK on a Portable Device (USB)
- Required Files -- Evidence Acquisition
- Digital Evidence Acquisition
- Memory Acquisition
- Disk Acquisition
- Exercise #1
- Solutions Exercise #1
- Required Files -- Attach an Evidence Item
- Add Evidence Item to FTK Imager
- Create and Verify a Multi-Part Disk Images
- Loading a Multi-Part Disk Image
- Required Files -- Evidence Analysis
- Evidence Analysis
- Exporting Data using FTK Imager
- Detect EFS Encryption
- Exercise #2
- Solution Exercise #2
- Acquiring Protected Registry Files
- Copying Registry Files
- Required Files -- Interpreter in FTK
- Interpreter
- Exercise #3
- Solution Exercise #3
- Required Files -- Create Images with Advanced Features
- Custom Content Images
- AD Encryption
- Exercise #4
- Solution Exercise #4
- Required Files -- Image Mounting
- Image Mounting
- Steps of Image Mounting
- Mount Multi-Part Raw Disk Image with FTK
- Summary
- Have a Question?!
05
COMPUTER DATA REPRESENTATION
- Introduction to Data Representation
- Numbering Systems
- Decimal Number System (Base 10)
- Binary System (Base 2)
- Hexadecimal (Base 16)
- Octal (Base 8)
- Byte Ordering
- Introduction to Text Code
- ASCII Code
- Unicode
- Exercises
- Solutions
- Have a Question?!
06
WORKING WITH FILES
- Introduction to File Identification
- Installation of HxD Editor
- Working with HxD Editor
- Installation of 010 Editor
- Working with 010 Editor
- 010 Editor, Let us start
- Explore the View Options
- Viewing Unicode Files
- View Options: Edit As
- View: Font & Character Set
- View: Line Width & Addresses
- View: Group by, Division Lines, Left & Right View Areas
- View: Highlighting, Ruler, & Status Bar
- More View Options
- File Offsets
- Relative Offsets
- Examples on Relative Offsets 1
- Examples on Relative Offsets #2
- Search Menu: Find using Hex
- Search Menu: Find using Text
- Search Menu: Replace
- Search Menu: Find Strings
- Search Menu: Find in Files
- Search Menu: Replace in Files
- Search Menu: Goto...
- Search Menu: Goto using Directions
- The Format Menu
- Tools Menu Part #1
- Tools Menu Part #2
- Inspector (Interpreting Data) Part #1
- Inspector (Interpreting Data) Part #2
- Templates Part #1
- Templates (File Signatures) Part #2
- Templates - PE File (Part #1)
- Templates - PE File (Part #2)
- Templates - PE File (Part #3)
- Templates - PE File (Part #4)
- Templates - PE File (Part #5)
- Templates - PE File (Part #6)
- Templates - PE File (Part #7)
- Templates - PE File (Part #8)
- Templates - PE File (Part #9)
- Templates - PE File (Part #10)
- Templates - PE File (Part #11)
- Templates - PE File (Part #12)
- Reviewing 010 Template for PE File Format
- Required Files
- Introduction to File Signature
- Text Files
- Microsoft Word File
- PDF Files
- TAR Files
- Zip File
- PNG Files
- JPEG Files
- EXE Files
- MP3 Files
- MP4 Files
- System Metadata
- Embedded Metadata
- Required Files -- Exercises
- Exercise #1
- Exercise #2
- Exercise #3
- Solutions of Exercises
- Have a Question?!
07
FILE SYSTEM AND DATA CARVING
- Introduction to File System and Data Carving
- What is File System
- Hard Disk
- NTFS
- Ext4
- NTFS vs EXT4
- Required Files -- Data Carving
- Introduction to Data Carving
- Manual Data Carving - Using Hex Editor
- Manual Data Carving - Carving an Image from a Doc File
- Automatic Data Carving - Photorec
- Automatic Data Carving - foremost
- Required Files -- Exercises
- Exercise #1
- Exercise #1 - Solution
- Exercise #2
- Exercise #2 - Solution
- Exercise #3
- Exercise #3 - Solution
- Have a Question?!
08
WORKING WITH TIME ZONES AND DATES
- Introduction
- Converting Times
- Converting Dates
- Exercise 01
- Exercise 01 - Solution
- File Operations
- Required Files -- Timestamps and File Operation
- Exercise 02 -- Inspecting Timestamps
- Exercise 02 -- Solutions
- Have a Question?!
09
WRITING FORENSIC REPORTS
- What is the Forensics Report ?
- Preparing For Forensics Report
- The Importance of the Forensics Report
- Why Documenting is Important?
- Forensics Report Sections
- Reporting Standards And Guidelines
- Conclusions
- Have a Question?!

Course Type: Theory & Hands-on

Get Started Now

Your first steps to digital forensics

Enroll Now $150

Learning Outcomes

After completing this course, you will learn the following.

Understand the concepts of digital forensics and investigation
Understand the evidence acquisition and how to acquire evidence under Windows
Master FTK Imager usage
Learn how data is represented on computers
Understand files and headers
Become familiar with the basics of file systems and learn how to carve data
Master time zones and date analysis
Learn how to write forensic reports

Technical Requirements

To complete the hands-on labs of this track

Basic knowledge of using a Virtual Machine
Windows 10 operating system (recommended)

Social Proof: Reviews

franklin ijomah

“The course provided good, clear, precise material on digital forensics, it was a wonderful experience with good exercises to reinforce knowledge and i would recommend it for anyone interested in digital forensics. ”

“The course provided good, clear, precise material on digital forensics, it was a wonderful experience with good exercises to reinforce knowledge and i would recommend it for anyone interested in digital forensics. ”

What is next at Cyber 5W?

Add your email to receive updates on new courses.