H11 Digital Forensics.com
Sign Up For A Class Today
Click on the Sign Up Info button for dates, times, and locations!
EnCase Advanced Internet Examinations
The course will enable students to recover and examine from peer-to-peer file-sharing applications (BitTorrent, LimeWire and BearShare), instant messaging applications (AOL Instant Messenger and Yahoo! Instant Messenger) and web browsers (Microsoft Internet Explorer and Mozilla-based browsers). Students will also be able to examine computer systems with regards to Trojan viruses and key loggers. Students will also learn important information with regard to the examination of Outlook PST, web and Lotus Notes email. Students will be able to properly explain the browser caching process and rebuild cached Internet Explorer web pages.
This hands-on course involves practical exercises and real-life simulations. The class focuses on the forensic evidence located on the computer belonging to the suspect and /or victim – not online or cyber investigations. Email files and the Internet are cornerstones of consumer and business computer use. Virtually all computer forensic examinations will involve analysis of email and Internet artifacts, underscoring the need to understand the relevance of Internet and email-based evidence recovered during examinations.
- Students will learn the history, operation and artifacts associated with peer-to-peer file-sharing applications such as BitTorrent™, LimeWire™ and BearShare.
- Students will learn the impact of Trojan viruses through examination of:
- Defense issues
- The Windows Registry
- Hash analysis
- Anti-virus scanning and virus analysis using the EnCase Virtual File System (VFS) Module and the EnCase Physical Disk Emulator (PDE) Module
