II) Digital Forensic
Curriculum
Module 01: Computer Forensics Introduction
a) Understanding Computer Forensics
b) Why and When Do You Use Computer Forensics?
c) Rules of Forensics Investigation
d) Understanding Digital Evidence
e) Rules of Evidence
f) Roles and Responsibilities of Forensics Investigator
Module 02: Computer Forensics Investigation Process
a) Phases Involved in the Computer Forensics Investigation Process
b) Pre-investigation Phase
c) Investigation Phase
d) Post-investigation Phase
Module 03: Understanding Hard Disks and File Systems
a) Hard Disk Drive Overview
b) Physical Structure of a Hard Disk
c) Logical Structure of Hard Disk
d) Understanding File Systems
e) File System Analysis
Module 04: Data Acquisition and Duplication
a) Data Acquisition and Duplication Concepts
b) Static Acquisition
c) Prepare a Chain of Custody Document
d) Data Acquisition and Duplication Steps
e) Data Acquisition and Duplication Tools
f) Validate Data Acquisitions
g) Acquisition Best Practices
Module 05: Defeating Anti-Forensics Techniques
a) Goals of Anti-Forensics
b) Anti-Forensics Techniques
c) Password Protection
d) Steganography
e) Data Hiding in File System Structures
f) Artifact Wiping
g) Anti-Forensics Countermeasures
h) Anti-Forensics Challenges
i) Anti-Forensics Tools
Module 06: Operating System Forensics (Windows, Mac, Linux)
a) Introduction to OS Forensics
b) Windows Forensics
c) Collecting Volatile Information
d) Collecting Non-Volatile Information
e) Analyse the Windows Thumbcaches
f) Windows Memory Analysis
g) Windows Registry Analysis
h) Cache, Cookie, and History Analysis
i) Windows File Analysis
j) Metadata Investigation
k) Forensic Analysis of Event Logs
l) Linux Forensics
m) Mac Forensics
Module 07: Network Forensics
a) Introduction to Network Forensics
b) Fundamental Logging Concepts
c) Event Correlation Concepts
d) Network Forensic Readiness
e) Network Forensics Steps
f) Network Traffic Investigation
g) Documenting the Evidence
h) Evidence Reconstruction
Module 08: Investigating Web Attacks
a) Introduction to Web Application Forensics
b) Web Attack Investigation
c) Investigating Web Server Logs
d) Web Attack Detection Tools
Module 09: Malware Forensics
a) Introduction to Malware Forensics
b) Malware Analysis: Dynamic
c) Analysis of Malicious Documents
d) Malware Analysis Challenges
Module 10: Investigating Email Crimes
a) Email System
b) Email Crimes
c) Email Message
d) Steps to Investigate Email Crimes and Violations
e) Email Forensics Tools