Advanced Computer Forensics
What you'll learn
- RAM forensics analysis and acquisition
- Forensics elements in the Windows registry and how to examine those elements
- Pros and cons of live forensics acquisitions
- Basics of testifying in a court of law
- Examination of non-traditional devices such as smart devices, gaming systems and drones
Requirements
- Basic understanding of computer forensics in regard to the purpose and acquisition techniques.
- We will be using mostly open source tools, such as RegRipper and FTK Imager, which will be downloaded during the course.
Description
This course is designed for people with a working knowledge of computer forensics who are looking to go deeper into specific skills and techniques of the field. We cover techniques and examine devices that are more volatile or more difficult to access than a standard PC acquisition. This is the third course, following my previous courses Computer Forensics Fundamentals and Intermediate Computer Forensics. While those courses are recommended, they are not required to take this course, as the courses are independent in regard to the topics taught.
Advanced Computer Forensics will provide:
- RAM acquisition and analysis
- Windows registry forensics
- Hives and NTUSER.dat
- USB and network connections
- Live forensic acquisitions
- Search signatures
- Non-traditional devices (Internet of Things), game systems, drones and camera systems
- Testifying in a court of law
The course will consist of presentations to explain the concepts of computer forensics, as well as demonstrations of the proper software and the collection of digital evidence, using primarily open source or free software so that students can replicate the demonstrations on their own. Quizzes will reinforce the concepts.
This course is designed for anyone with an interest in computer forensics to get a deeper taste of the real world of digital forensics examination.
As an advanced course, it will consist of presentations, hands-on lessons and quizzes.
Who this course is for:
- Someone with an interest in learning computer forensics
- Someone who wants to know more about how a computer stores information and how to find it
- Someone with a cursory knowledge of computer forensics who wants to know more about the details
Instructor
I have advanced degrees in Information Technology and decades of experience in the field working with hardware, software, networking and databases. I have a passion for computer forensics because it involves detective skills as well as IT proficiency, and the combination is a growing field that keeps getting bigger. My professional certifications in the computer forensics field include AccessData Certified Examiner (ACE), EnCase Certified Examiner (ENCE) and Cyber Incident Responder Certificate from the DOD Defense Cyber Crime Center. I bring a diverse experience of IT-related topics that I have encountered in my career and paths of study.
I have worked in and taught database application programming and administration professionally for years. I have done database development work in Oracle and Microsoft SQL Server environments, as well as taught Oracle database administration at the college level.
In addition to my work in the IT field, I also have a diverse background in business, leadership and communications. With an interest in subject matter such as body language and group dynamics, I am able to competently talk about this subject matter with ease. I hope to be adding courses on these types of subjects as part of my future endeavors as a Udemy instructor.
Since my childhood I have had the hobby of genealogy. I have traced my family tree throughout the United States and Europe. I have combined my fascination with technology and with genealogy to help speed up my research and improve my results. My work in computer forensics, finding evidence on a hard drive, has assisted with my hobby of finding relatives in my family tree. Both are different forms of detective work that require tracing things back to the origins.