BelkaX-102 Advanced Computer-based Investigations Course
The course details:
Language: English
Duration: 2 days
Formats: Onsite or online
This course is designed to provide the knowledge and skills required to leverage Windows resources and artifacts to perform a comprehensive timeline-based examination.
The course is designed for
The course content
During course activities and exercises, participants will demonstrate the ability to perform forensically sound investigations and efficiently analyze digital artifacts pertaining to items of evidentiary value. Upon completion of this course, participants will be able to draft an effective report on findings detailing the analysis process followed to locate pertinent evidence.
Modules
- Introduction1 hour
- The Case Jacket1 hour
- Windows Registry Artifacts2 hours
- Parsing Windows Prefetch1 hour
- Parsing Link Files1 hour
- Windows 10 Timeline and Event Logs2 hours
- Understanding Metadata1 hour
- Final Practical3 hours
Expertise
Belkasoft course is written based on over fifteen years of field experience from working with LE officers and CCU examiners worldwide.
The techniques taught in this course have been curated from extensive research, testing, and use on live systems involved in actual cyber crimes investigated around the world where DSI examiners were actively involved as contracted analysts, instructors, and mentors.