Essential Forensic Techniques II: In-Depth Digital Forensic Analysis
As the second part of our Essential Forensic Techniques series, this course is targeted toward students who have completed EFT I; however, advanced examiners may contact our Training Department if you have not taken EFT I but believe you would be comfortable in an EFT II course. We will provide you with a short placement exam to determine which course would best accommodate your knowledge, skills, and abilities.
Essentials Forensic Techniques II will delve into more complex concepts, including the specific data points found within any iOS, Windows and/or Mac OS X analysis. Operating systems and file systems leave complex artifacts in both active and unallocated space, all of which will this course covers in detail. It is because BlackBag’s instructors remain in contact with investigators from both the law enforcement and corporate environments that the data used in classes is current and relevant. With continued hands-on learning and realistic scenarios, BlackBag’s instructors will guide students through methods of discovery for new application data, analysis of known data, and best reporting practices. As with the EFT I course, BlackBag’s team of instructors will use their extensive knowledge and experience to address practical, significant casework challenges facing investigators today.
Course Length: 5 days
Course Credit: 32 hours
At the conclusion of this course, students will have reviewed three different case scenarios, learning about specific file system date artifacts, gaining access to passwords, and navigating Time Machine backups. In addition, we’ll discuss techniques for analyzing multiple operating systems, data artifacts from unknown applications, and other operating system features. As with the first course, Essential Forensic Techniques II includes a written and practical assessment of the students' comprehension of the material.
Attendees should have above-average computer skills and should have attended Essential Forensic Techniques I or its equivalent. This course is for seasoned analysts who are comfortable with multiple operating systems, multiple device environments, and certain specific areas of interest defined in the first class. Those who have not received equivalent training may not possess the necessary knowledge base needed to successfully complete this course.
$3,300 USD Government / Private Sector