Digital Forensics

You will get hands-on with a wide variety of investigations like operating system file investigations, recovery of files on storage media, analysis of data collected from live network traffic and a variety of mobile devices.

This course prepares you in effective exploration, evaluation and use of digital forensics tools to recover data and be able to compare various approaches with acceptable practice standards. You will learn to identify the usability of digital forensics and challenges involved in acquiring data from various types of Internet of Things devices.

Key topics include:

• Introduction to the digital forensics process
• Data acquisitions and processing crime and incident scenes
• Investigating file systems (Windows, Linux, MacOS) for forensic analysis
• Computer forensics tools for recovery files from storage medias
• Live forensics investigating RAM and network traffic for collecting digital evidence
• Cell phones and mobile devices forensics analysis.

Delivery 
This online program is designed and delivered by trusted Industry and Education experts from The Institute of Applied Technology – Digital.

Schedule: 64 hours over 6-8 weeks.

What You Will Learn

Course Outcomes

• Describe and understand digital forensics processes.
• Explain how to prepare for and conduct digital investigations; including understanding that legal processes depend on local custom, legislative standards, and rules of evidence with ethics.
• Summarise the difference between categories of computer investigations.
• Explain ways to determine the best acquisition method.
• Describe contingency planning for data acquisitions.
• Explain how to use acquisition tools and apply data-hiding and validation methods.
• Determine what data to analyse in a digital forensics investigation.
• Explain the purpose and structure of file systems.
• List some options for decrypting drives encrypted with whole disk encryption.
• Explain how the Windows Registry works.
• Describe start-up tasks to collect evidence from a crime scene.
• Explain how to evaluate needs for digital forensics tools.
• Describe available digital forensics software tools.
• Describe methods for validating and testing forensics tools.
• Describe types of file formats and explain how to locate and recover graphics files.
• Explain how to perform live acquisition.
• List and work on forensic tools to perform live and network acquisition.
• Describe the process of a live acquisition and explain network intrusions as well as unauthorised access.

• Describe standard procedures in network forensics and network-monitoring tools.
• Explain the basic concepts of mobile device forensics.
• Describe procedures for acquiring data from mobile devices.
• Summarise the challenges of forensic acquisitions of data stored on Internet of Things devices.

Prerequisites
Experience/ qualification/ prior Microskills/credentials

Students must have the following experience and/or qualifications:

• Foundational ICT skills
• Vocational Level English
• Foundational knowledge of cyber security (minimum 1 year experience working in cyber security field or completed Cert IV in Cyber Security or equivalent certifications)
• Networking fundamentals

If you do not have experience or qualifications in Cyber Security but have good IT knowledge you may be invited to sit for a technical test to qualify for the program.

Certification
Proof of learning achieved from Microcredential

Students will obtain IATD – Certificate of Completion on successfully completing this course.

Students can also obtain the following certification(s):

• SC-900: Microsoft Security, Compliance and Identity Fundamentals

• AZ-900: Microsoft Azure Fundamentals

Study materials for the above certifications will be provided.