
CSX ADVANCED FORENSICS COURSE

Take the next step in the CSX series of forensics courses! In this course we will take students into a deep dive of some of the more advanced forensics techniques. The course includes a closer look at the following forensics topics:
- Forensics Tools Setup;
- Network Forensics;
- Steganography;
- Windows Registry;
- Remote Forensics.
CONTENT:
Ten lessons with hands-on labs that focus on aspects of advanced forensics techniques, plus two bonus challenge labs that test your new skills.

Introduction to Advanced Forensics (Lesson)
In this lesson you’ll be reintroduced to some of the concepts behind basic forensics. This lesson also includes a course overview of objectives and NIST CSF domains covered. Cybersecurity work roles related to this course as well as some legal information on the use of the materials presented are touched upon in this lesson.

Preparing the Digital Forensics Environment (Lesson)
Get an overview of the Kali Linux environment's forensic tools that we will utilize during the labs in this course. This lesson also goes into the procedures for protecting digital evidence as well as the legal considerations when choosing which tools to use while conducting E-Discovery investigations.

Kali Forensics Introduction (Instructional Lab)
In this lab, students will refamiliarize themselves with the Kali Linux environment focusing on the forensics capabilities and setup of the operating system.

Forensics Lab Setup (Instructional Lab)
Continuing with the reintroduction to Kali Linux, students will set up, configure, and run advanced OS features and services such as PostgreSQL and Forman.

Network Forensics (Lesson)
Network logs and packet captures can be vital in building network forensic cases. In this lab, students will conduct live network captures, extract data from network traffic, and conduct analysis on that data utilizing GUI and command line tools.

Network Forensics (Instructional Lab)
Network logs and packet captures can be vital in building network forensic cases. In this lab, students will conduct live network captures, extract data from network traffic, and conduct analysis on that data utilizing GUI and command line tools.

Wireshark and Steganography Essentials (Instructional Lab)
This lab will introduce students to Wireshark and network analysis. This will include packet analysis, data extraction, and conducting live network captures. This lab will also cover the ability to extract hidden data from images as well as metadata.

Windows Registry Forensics (Lesson)
Windows devices can be prevalent in an enterprise architecture and as a forensics investigator it’s important to know the nuances of any possible operating systems on devices that you may have to investigate. This lesson will touch upon the information you can gather via the Windows registry.

Windows Registry (Instructional Lab)
Conducting forensics on specific systems may require special tools and skill sets. In the Windows OS the registry is utilized to store application and user data that could be useful in a forensics investigation. In this lab students will utilize special tools and techniques to extract this data from a Windows registry.

Remote Forensics/Live Response (Lesson)
As off-premises computing technologies such as virtual private servers (VPS) and cloud computing become more available, forensic specialists will need to know how to conduct remote operations on systems they do not have physical access to. In this lesson we’ll touch on some of the capabilities and techniques you’ll need to complete remote forensics tasks.

Remote Forensics (Instructional Lab)
Physical access to a device in an investigation isn’t always possible. With more assets being located elsewhere with containerized systems, Virtual Private Servers (VPS), and the cloud it is important to know how to conduct forensics on a remote device. In this lab students will conduct remote forensics on a server.

Advanced Forensics Challenge 1 (CHALLENGE LAB)
In this challenge lab students will use the skills learned in previous labs to conduct forensics on a compromised machine to determine what was targeted, establish attribution, and discover possible malware.

Advanced Forensics Challenge 2 (CHALLENGE LAB)
In this challenge lab students will use the skills learned in previous labs to conduct network and image file forensics.

EXAM:
The CSX Advanced Forensics Certificate Exam assesses a candidate’s ability to accomplish advanced forensics tasks. These tasks will consist of network forensics, remote forensics, data extraction, steganography, and Windows registry analysis.
This one-hour exam contains no multiple-choice questions or simulations and intentionally restricts access to the internet. Where applicable, man pages and help files are available.

Objectives:
Candidates must complete tasks of varying duration with minimal instruction and are expected to demonstrate an ability to:
- Analyze network capture files to extract usernames and passwords;
- Filter network captures for specific protocols;
- Utilize steganography tools to uncover hidden data;
- Conduct port scans to identify local assets;
- Gather critical Windows OS files for forensic analysis;
- Utilize registry forensics tools.

Students must be comfortable leveraging the following tools:
- Tshark;
- Wireshark;
- RegRipper;
- Exiftool;
- Basic Linux Terminal commands.

LEVEL:

ADVANCED

DOMAIN:

RESPOND

PRICE:

400,00 € + VAT

EXAM PRICE:

250,00 € + VAT

CREDITS: 16 CPE + 2 for the exam, for maintaining ISACA certifications
